Multi-services application gateway and system employing the same

ABSTRACT

An intelligent gateway device provided at a premise (home or business) for providing and managing application services associated with use and support of a plurality of digital endpoint devices associated with the premises. The device includes a communications and processing infrastructure integrated with a peer and presence messaging based communications protocol for enabling communications between the device and an external support network and between the device and connected digital endpoint devices. A services framework at the gateway device implements the communications and processing infrastructure for enabling service management, service configuration, and authentication of user of services at the intelligent gateway. The framework provides a storage and execution environment for supporting and executing received service logic modules relating to use, management, and support of the digital endpoint devices. Thus, the gateway device provides a network-based services point of presence for a plurality of digital endpoint devices at the premises.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.14/294,957, filed Jun. 3, 2014, which is a continuation application ofU.S. patent application Ser. No. 14/024,362, entitled “Multi-ServicesApplication Gateway and System Employing the Same”, filed Sep. 11, 2013,which is a continuation-in-part application of U.S. patent applicationSer. No. 12/521,757, filed Apr. 28, 2010, now U.S. Pat. No. 8,543,665and also entitled “Multi-Services Application Gateway and SystemEmploying the Same”, which is a national phase application under 35C.F.R. 371 of international Application No. PCT/US2007/089237, filedDec. 31, 2007, which claims benefit of U.S. Provisional application Ser.No. 60/882,862, filed Dec. 29, 2006 and U.S. Provisional applicationSer. No. 60/882,865, filed Dec. 29, 2006, the disclosure of which areall incorporated by reference herein in their entireties for theirteaching including any references cited therein.

FIELD OF THE INVENTION

The present invention relates generally to manage services forsupporting and managing the emerging digital home, and moreparticularly, to a gateway appliance for providing managed services tothe home.

BACKGROUND

The digital home is now becoming more complex with the myriad of new andemerging digital devices intended to address many user and consumerneeds such as communication, entertainment, privacy, and security, etc.However, given the complexity of the emerging digital home and digitalenvironments generally, users who are technologically challenged mayfind it a daunting and intimidating task to manage their home networksand interconnected digital devices. Moreover, new paradigms are emergingoriented to delivering media content to and the consuming of mediacontent at the home. The protection of received Internet-sourced mediacontent in additional to user-generated media content is additionally animportant aspect that may be inadequately addressed by thetechnologically challenged user. Furthermore, with respect to Internetbased data while most of the content delivery solutions are provided tothe digital home networks through availability of the “two-foot”interface (i.e., the PC), it is relatively cumbersome to bring thiscontent to the “ten-foot” interface (e.g., the television).

In addition to hardware limitations, there is a lack of meaningfuldirection and “coaching” leveraging new information technology that arenow becoming available for use in the home or small enterprise, therebylimiting the ability of the user to improve their lives, make the“right” decisions, or meet domain-specific objectives such as smarternutrition, meeting exercise targets, medication regimen conformance,disciplined financial actions, etc., with the explosion of connecteddevices, personal and home sensors, and access to user and family dataprovides improved self-visibility of behavior and performance to theuser. Existing solutions and services (home automation, energymanagement, media services, exercise, e-health solutions, financialmanagement program, presence programs, etc.) are “siloed”, notintegrated, with other aspects of the user's life, don't fully leveragethe influence of social media friends, don't enable users to developpersonalized objectives, and don't provide expert-level coaching. At thesame time, users are exposed to advertising and offers/incentives thatmay or may not be relevant to the moment, and may not be complementaryto the users' overarching objectives, and may compromise a users'private and confidential information.

What is needed are solutions for providing managed services forsupporting and managing the emerging digital home including providing agateway appliance that can offer managed services to its users toinclude incorporation of a causation and correlation engine abilitiesthat enable broader services for users.

SUMMARY

In accordance with features of the present invention, solutions areprovided for providing managed services for supporting and managing theemerging digital home including providing a gateway appliance that canoffer managed services to its users to include incorporation of acausation and correlation engine abilities that enable broader servicesfor users. Examples of areas where useful objectives may be establishedinclude: Financial Objectives, Health/Medical Objectives, ExerciseObjectives, Nutrition Objectives, Advertising Objectives, Home SecurityObjectives, Purchasing Objectives, Energy Conservation Objectives, etc.

In accordance with features of the present invention, a media managerresiding at a user can include a video retrieval module operable toretrieve and capture video activity of at least one media display deviceas a video activity stream, and a media management module coupled to thevideo retrieval module and the at least one media display device isoperable to receive the video activity stream. The media managementmodule can be further operable to receive a user command to view thevideo activity stream at a selected other media display device coupledto the media management module, and direct the video activity stream tothe selected other media display device.

In accordance with features of the present invention, a gateway deviceresiding at a user premises can include an application service modulehaving at least one application, the application service module residingon a user premises side of a network service provider demarcation, auser module having a user interface that can be associated with the atleast one application, wherein the user module enables bi-directionalcommunications with at least one media player device, a network modulehaving the connection that enables bi-directional communications with aremote service manager, a video retrieval module operable to retrieveand capture video activity of at least one media display device as avideo activity stream, and a media management module coupled to thevideo retrieval module and the at least one media display device, andbeing operable to receive the video activity stream. The mediamanagement module can be further operable to receive a user command toview the video activity stream at a selected other media display devicecoupled to the media management module, and direct the video activitystream to the selected other media display device. The gateway devicemay have router functionality integrated within the gateway or therouter functionality may be provided by a separate physical devicewithin the premise.

In accordance with features of the present invention, a media managercan include a tuner coupled to at least one media source operable toselectively receive at least one media stream of at least one type ofmedia content, a media processor coupled to the tuner and operable toreceive the at least one media stream and convert the media stream to apredetermined data format, the at least one media stream comprisingmetadata, a media management module coupled to the media processor andoperable to receive the at least one media stream in the predetermineddata format, and direct the media stream to a first predetermined mediaplayer device coupled to the media processor. The media managementmodule is operable to receive a selection of a media content by a firstuser from a first predetermined media player device to determine whetherthe metadata of the selected media content comprises user controlparameters associated therewith, to send a notification to a secondpredetermined media player device to obtain permission, and to streamthe selected media content to the first predetermined media playerdevice only in response to receiving permission from a second user withauthority over the user control parameters.

In accordance with features of the present invention, a method ofmonitoring activity on a first media display device at a user premisescan include receiving, at a gateway device, a stream of media content inresponse to a first user's request input at a first media displaydevice, the media content comprising metadata, sending to a second mediadisplay device a notification with predetermined elements of themetadata seeking authorization to stream the media content to the firstmedia display device, and streaming the requested media content to thefirst media display device only in response to an authorizationnotification being received by the gateway device. The gateway devicecomprises a LAN connection by which the gateway can be coupled to mediadisplay devices and a media storage device, and an application servicemodule enabling the gateway device to receive and stream media toselected media display devices associated with the gateway device and tosend and receive digital notification to and from the media displaydevices.

In accordance with features of the present invention, a gateway devicefor operation at a user premise can have at least one endpoint deviceassociated with the gateway device, the gateway device being incommunication with a remote service manager, the gateway device caninclude an application service module having at least one application,the application service module being remotely managed by a remoteservice manager via a connection, a user module having a user interfacethat can be associated with the at least one application, wherein theuser module enables bi-directional communications with the at least oneendpoint device, a network module having the connection that enablesbi-directional communications with the remote service manager, and aprocessor coupled to the user module, application service module, andnetwork module, wherein the processor comprises an accessibility testingmodule operable to verify network signaling accessibility to the gatewaydevice by at least one remote endpoint device.

In accordance with features of the present invention, a method ofverifying network signaling accessibility to a first gateway device byat least one remote device can be provided, where the method can includesending a message regarding access details to the at least one remotedevice coupled via a WAN to the first gateway device, testingaccessibility using a publicly available communication protocol, sendingthe results of the accessibility test information to the first gatewaydevice, and if the test is successful, updating data on a storage devicecoupled to the first gateway device.

In accordance with features of the present invention, a system having atleast one remote service manager coupled to a network can be provided.The system can further have at least one gateway device disposed at auser premises and in communication with the at least one remote servicemanager through a network module coupled to the network. The at leastone gateway device having at least one application performingtraditional central office functions for voice services and logicallypositioned on the user premises side of the network service providerdemarcation. The system can also have at least one endpoint devicedisposed at the user premises and in communication through a user modulewith the at least one gateway device. The at least one endpoint devicecan be operable to generate, through the at least one gateway device, amessage by executing the at least one application performing traditionalcentral office functions for voice services. Furthermore, the system hasa voice service manager disposed at the at least one remote servicemanager, the voice manager being configured to deliver the message fromthe network to a second network. The at least one gateway device can beoperable to enable, under the control of the at least one remote servicemanager, the at least one endpoint device to generate, maintain, andterminate the message.

In accordance with features of the present invention, a method can beprovided for enabling an endpoint device to communicate through at leastone gateway device to conduct a telephone call wherein traditionalcentral office based functions for voice services associated with thetelephone call have been moved to the user premises. The method caninvolve configuring the at least one gateway device at a user premisesby a remote service manager through a network module connected to anetwork with at least one application supporting traditional centraloffice based functions for voice services. Furthermore, the method caninclude enabling the at least one gateway device to execute the at leastone application supporting traditional central office based functionsfor voice services and disposed on the user premises side of a networkservice provider demarcation. Also, the method can include detecting andconfiguring a first endpoint device associated with the at least onegateway device capable of supporting voice services by the at least onegateway device, the first endpoint device executing the at least oneapplication supporting traditional central office based functions forvoice services. Additionally, the method can involve communicatingthrough a user module by the first endpoint device with the at least onegateway device to access the at least one application supportingtraditional central office based functions for voice services. Themethod can also include managing voice services through the remoteservice manager to enable the first endpoint device to communicate witha second endpoint device.

BRIEF DESCRIPTION OF THE FIGURES

Further features, aspects, and advantages of the structures and methodsof the present invention will become better understood with regard tothe following description, appended claims, and accompanying drawingswhere:

FIG. 1A depicts a multi-services applications gateway appliance 10according to the present invention;

FIGS. 1B(1) and 1B(2) illustrate the gateway appliance connection to thein-premise devices in different embodiments;

FIG. 1C illustrates the Ingress/Egress Interfaces on the gatewayappliance according to one embodiment;

FIG. 1D illustrates the gateway appliance interface IP address and portof the gateway appliance according to one embodiment;

FIGS. 2A-2C depict the software and hardware architectures of themulti-services applications gateway appliance 10 according to thepresent invention;

FIG. 2D depicts a boot sequence and initialization process for themulti-services applications gateway appliance 10 of FIG. 1A;

FIG. 3 conceptually depicts the physical demarcation point in a storagemedia that provides isolation of downloaded service logic and associateddata for implementing services from service provider and/or downloadedcontent from a user generated content in accordance with the invention;

FIG. 3A conceptually depicts a virtual hosting (space-sharing) serviceprovided by the gateway device of the present invention;

FIG. 4 depicts the networked operations services support infrastructure50 for delivering service capabilities to the multi-servicesapplications gateway appliance 10 of FIG. 1A;

FIGS. 5A-5C describe aspects of an initialization technique 200 forestablishing a gateway appliance's connection to and enablingcommunication with the networked operations services supportinfrastructure;

FIGS. 6A-6E describe more detailed interactions for functions andservices to illustrate the core network elements of the networkedoperations service support center 50;

FIG. 6F is an architectural diagram that illustrates an overview forcommunicating or sharing between the gateway appliances in oneembodiment;

FIG. 6G illustrates an architectural overview of alarms and statisticsaggregator functionality in the support network in one embodiment;

FIG. 7 illustrates an example architectural diagram for providing call(e.g., voice or other media) processing in one embodiment;

FIG. 8 illustrates high-level block diagram of PCCE module, which can beassociated with the services layer within the application gateway;

FIG. 9 illustrates an expanded view of drawing 2C depicting the PCCEmodule within the software architecture of the application gateway;

FIG. 10 illustrates a detailed view of the PCCE, PCCE sub-modulecomponents, and a logical view of the exemplary sources of data andevents acquired and utilized by the PCCE; and

FIG. 11 illustrates an example of meta-data collection and eventprocessing as carried out by the PCCE, appliance, and system of thepresent invention in one embodiment.

DETAILED DESCRIPTION

Applicant's issued U.S. Pat. No. 8,027,335 entitled MULTIMEDIA ACCESSDEVICE AND SYSTEM EMPLOYING THE SAME incorporated by reference herein,describes a media access device that facilitates communication betweenusers employing disparate communication devices and messaging protocolsassociated with different service providers that is located within thecustomer premises and that allows for onsite or remote configuration.This solution is a highly specific implementation that provides advancedtelephony particularly specific services associated with Voice over IPcommunications in an Instant Messaging infrastructure. Whilecomprehensive, this system does not address the servicing and managementof other digital endpoint devices in the home. Furthermore, this priorart solution requires manual intervention to initiate, configure, andmaintain many of the call service, IM, and other service relatedfeatures for users which can be burdensome for the technicallychallenged.

A significant demand exists for simplifying the management and back-upservices of the digital home or even the small enterprise that takesaway the complexity of the maintenance, upgrading, and operation of eventhe more basic needs addressed by these emerging digital endpointdevices and networks, e.g., access management (e.g., parental controls),etc.

Home “gateway” and like router/gateway appliances are currentlyavailable for the home and small business that allow several computersto communicate with one another and to share a broadband Internetconnection. These devices function as routers by matching local networkaddresses and the hostnames of the local computers with the actualnetworking hardware detected. As gateways, these devices translate localnetwork addresses to those used by the Internet for outgoingcommunications and do the opposite translation for incoming packets.

For example, U.S. Pat. No. 6,930,598 is representative of a home gatewayserver appliance enabling networked electronic devices to communicatewith each other without the direct interaction with external networksand that provides a mechanism whereby a member of the household may beinformed of certain network related events without having to use theirhome computer or other client devices.

It would be highly desirable to provide a multi-services applicationgateway device that provides not only IP-based communication and voiceservices, but services management capability associated with use ofdigital home devices, and obviates the need for users to attend to theprovisioning, management, configuration, and maintenance of the emerginghome/business digital networks including the myriad of interconnecteddigital endpoint devices connected thereto.

The present invention is directed to a novel gateway appliance that isprogrammed to simplify various aspects of managing the emerginghome/business digital networks including the myriad of interconnecteddigital endpoint devices.

The novel gateway appliance is further programmed to simplify supportservices in the digital home including: media delivery, contentmanagement, access control and use tracking, file sharing, andprotection and back-up services of both Internet/Web-generated digitalmedia content and user generated digital media content.

The appliance of the present invention further operates in conjunctionwith a service delivery platform that provides IP-based connectivity todigital devices in the home, e.g., VoIP phones, the personal computer,personal music players, and the like, and emphasizes ease of use andmanagement of these digital devices for the technically challenged.

The novel gateway appliance is further programmed to simplify homeautomation operations, e.g., lights, garage doors, and particularly,facilitating remote access to and management of home automation devices.More particularly, the home or business appliance of the presentinvention operates in conjunction with a novel network operationsframework and network service center that supports the managed servicesand all of the manageable capabilities of the home/business. Forinstance, the appliance and supporting network service centerarchitecture provides for distributing configuration and datainformation to residential home gateways; provides updates toresidential home gateways; enables inbound services to in-home gateways;provides remote web access to residential home gateways (include loginvia control channel); provides off-premise voice extensions for aresidential home gateway; provides remote diagnostics and home networkmanagement; collects billing records; alarms and statistical informationfrom residential home gateways; updates and manages endpoints in thedigital home; and enables remote control of “smart devices” in the home.

For the in-home services, the multi-services gateway appliance connectsthe various service delivery elements together for enabling the user toexperience a connected digital home, where information from one source(for example, voicemail) can be viewed and acted on at another point(for example, the TV). The multi-services gateway appliance hosts thevarious in-home device interfaces and facilitates the moving ofinformation from one point to another. Some of the in-home endpointdevice processing duties performed by the appliance 10 include, but arenot limited to: 1) detecting new devices and provide IP addressesdynamically or statically; 2) functioning as a (Network AddressTranslator) NAT, Router, and Firewall; 3) providing a centralized diskstorage in the home; 4) obtaining configuration files from the networkand configures all in-home devices; 5) acting as a registrar forSIP-based devices; 6) receiving calls from and deliver calls to voicedevices; provide voicemail services; 7) decrypting and securelystreaming DRM'd media; 8) distributing media to an appropriate in-homedevice; 9) compressing and encrypting files for network back-up; 10)backing-up files to the network directly from appliance; 11) handlinghome automation schedules and changes in status; 12) providing in-homepersonal web-based portals for each user, 13) providing Parental ControlServices (e.g., URL filtering, etc.); 14) creating and transmittingbilling records of in-home devices including, recording, and uploadingmulti-service billing event records; 15) distributing a PC client toPC's in the home used in support of the various services such asmonitoring events or diagnostic agents; 16) storing and presenting gamesthat users and buddies can play; 17) delivering context-sensitiveadvertising to the end point device; 18) delivering notifications to theendpoint device; and 19) enabling remote access through the web, IMclient, etc. Other duties the gateway appliance 10 may perform include:service maintenance features such as setting and reporting of alarms andstatistics for aggregation; perform accessibility testing; notify aregistration server (and Location server) of the ports it is “listening”on; use IM or like peer and presence communications protocol informationfor call processing and file sharing services; receive provisioninginformation via the registration server; use a SIP directory server tomake/receive calls via the SBC network element to/from the PSTN andother gateway appliance devices; and download DRM and non-DRM basedcontent and facilitating the DRM key exchanges with media endpoints.

According to the present invention, with reference to FIG. 1A, thepresent invention is a next-generation multi-services residentialgateway appliance 10, also referred to herein as “the appliance”, thatcan be used at the home or business (“premises”) that is programmed tosimplify various aspects of managing the emerging home/business digitalnetworks including the myriad of interconnected digital endpointdevices. With processing, storage, and network connectivity to a novelnetwork operations support infrastructure 50, the gateway appliance iscapable of extending the service provider's network demarcation pointinto the subscriber's home offering powerful capabilities at thecustomer's residence. By leveraging powerful processing and intelligenceresiding on the gateway appliance at the customer's premise, thesolution for the premises provided by the gateway appliance addressesrequirements such as shared Internet connection, remote diagnostics andinstallation help, integrated VoIP support, connected entertainmentofferings, and bundled services via a single platform. Besides providinga secure platform for building and providing multiple services fordigital clients at the premises, the appliance, in combination with anovel network operations support infrastructure 50, additionallyprovides a communications and instant messaging-type framework includingpresence and networking capability for enabling file-sharingcapabilities amongst a community of peers, friends, or family. As partof the presence and networking capability offered, connectivity isrequired between the appliance 10 and a network operations supportinfrastructure or service center (SC) 50 described in further detailherein below and that is particularly enabled to support thenext-generation multi-service applications gateway appliance provided atthe premises that assumes many of the functions that are typicallynetwork-based.

As shown in FIG. 1A, secure connectivity to the service center 50 isprovided, in one embodiment, via a wide area networks (WAN) interfacesuch as Ethernet WAN 53 over a broadband connection via the publicInternet 99, or, for example, via a wireless EvDO (Evolution DataOptimized) Internet data interface embodied as a PCMCIA (personalcomputer memory) wireless card 56. As will be described in greaterdetail hereinbelow, the service center 50 generally provides a secureIP-based communications and processing infrastructure for supporting thevariety of services and applications and communications residing atmultiple gateway devices 10 ₁, . . . 10 n. This support architecture isdesigned for high availability, redundancy, and cost-effective scaling.

The secure platform for building and providing multiple services fordigital clients at the premises assumes connectivity between theappliance 10 and each of a user's digital devices (referredinterchangeably herein as “digital endpoints” or “digital endpointdevices”). This connectivity may be provided by implementation of one ormore USB ports (interfaces) 13, a wired Local Area Network connectionsuch as provided by an Ethernet local area network (LAN) interface 16,or a wireless network interface via a WiFi LAN access point 62 provided,for example, in accordance with the I.E.E.E. 802.11 b/g/n wireless orwireless network communications standard. These physical interfacesprovide IP network interconnectivity to the endpoint devices connectedto a local IP network 60 at the premises.

That is, the gateway appliance interfaces with digital endpoint devicesincluding, but not limited to: a home automation networking device 20(e.g., X10, Z-Wave or ZigBee) for wired or wireless home networkautomation and control of networked home devices such as a switchcontroller 22, sensor devices 23, automatically controlled window blinds24, a controlled lighting or lamp unit 25, etc.; individual or a wiredor wireless network of personal computing (PC) and laptop/mobile devices30 a, . . . , 30 c that serve as file sources, control points, and hostsfor various other client endpoints; one or more television displaydevices 32 including associated set top boxes (STB) 35 a or digitalmedia adapter (DMA) 35 b; and one or more VoIP phone devices (e.g., SIPphones) 40, or other devices (not shown) that convert IP interfaces toPSTN FXO and FXS interfaces. Although not shown in FIG. 1A, otherdigital endpoint devices for which connectivity may be established withthe appliance 10 include, but are not limited to: personal music ormedia players, hi-fi audio equipment with media streaming capability,game stations, Internet radio devices, Wi-Fi phones, wifi or otherwirelessly enabled digital cameras, facsimile machines, electronicpicture frames, health monitors (sensor and monitoring devices), etc. Aswill be described in greater detail herein, the gateway applianceincludes both a hardware and software infrastructure that enables abridging of the WAN and LAN networks, e.g., a proxy function, such thatcontrol of any digital endpoint device at the premises from the same orremote location is possible via the gateway appliance 10 using a securepeer and presence type messaging infrastructure or other communicationsprotocols, e.g., HTTPS.

For example, via any IM-capable device or client 80 a, 80 b respectivelyconnected with an Instant Messaging (IM) or XMPP (Extensible Messagingand Presence Protocol) network messaging infrastructure, e.g., IMnetworks 99 a, 99 b such as provided by Yahoo, Microsoft (MSN), Skype,America Online, ICQ, and the like, shown for purposes of illustration inFIG. 1A, a user may access any type of functionality at a subordinatedigital end point device at the premises via the appliance 10 andservice center 50 by simple use of peer and presence messagingprotocols. In one exemplary embodiment, a peer and presencecommunications protocol may be used such as Jabber and/or XMPP.Particularly, Jabber is a set of streaming XML protocols andtechnologies that enable any two entities on the Internet to exchangemessages, presence, and other structured information in close to realtime. The Internet Engineering Task Force (IETF) has formalized the coreXML streaming protocols as an approved instant messaging and presencetechnology under the name of XMPP (Extensible Messaging and PresenceProtocol), the XMPP specifications of which are incorporated byreference herein as IETF RFC 3920 and RFC 3921. Thus, the gatewayappliance of the present invention is provided with functionality forenabling a user to remotely tap into and initiate functionality of adigital endpoint device or application at the premises via the IM-basedmessaging framework. In addition, the appliance 10 and networkconnectivity to the novel service center 50, in accordance with theinvention, provides a secure peer and presence messaging framework,enabling real-time communications among peers via other gatewayappliances 10 ₁, . . . , 10 n. For instance, the appliance provides theability to construct communication paths between peers with formalcommunications exchanges available between, for example, one applianceat a first premises and a second appliance located at the remotepremises. Thus, such an infrastructure provides for content addressing,enabling peers through remote gateway appliances 10 ₁, . . . , 10 n tosupply and request content such as files, media content or otherresources of interest to a community of interest.

Besides handling all aspects of the digital home communications, e.g.,IP, voice, VoIP, phone connectivity, the gateway appliance 10, whenoperable with the service center 50, provides a service-orientedarchitecture that manages services for the digital home and facilitatesthe easy addition of new services or modification of existing services.Such services may include, for example, facility management (homeautomation), media content downloading and Digital Rights Management(DRM), device updates, data backups, file sharing, media downloading andtransmission, etc., without the intermediary of a plurality of externalservice providers who may typically provide these individual servicesfor every digital endpoint device in the home or premises. That is, theappliance is integrated with hardware and software modules andrespective interfaces that handle all aspects of home automation anddigital endpoint service and management for the home in a manner withouthaving to rely on external service providers and in a manner that isessentially seamless to the user. This, advantageously is provided bythe service center 50 which is enabled to access regions of the gatewaydevice 10 that are not accessible to the user, e.g., for controlling thetransport and storing of digital content and downloading and enablingservice applications and upgrades and providing largely invisiblesupport for many tasks performed by users. Thus, central to theinvention, as will be described in greater detail herein below, is theprovision of service logic located and stored at the appliance 10providing soft-switch functionality for providing call-processingfeatures at the premises (rather than the network) for voicecommunications and enabling management of other service features to bedescribed. With the provision of central office type call services andother service features provided at the appliances 10 ₁, . . . , 10 n, adistributed soft-switch architecture is built. While transactions occurwith cooperation of the service center 50 to provide, for example,service subscription/registration, authentication/verification, keymanagement, and billing aspects of service provision, etc., and with allof the service logic and intelligence residing at the appliance, aservice provider can offer customers a broad spectrum of servicesincluding, but not limited to: media services, voice services, e.g.,VoIP, automated file backup services, file sharing, digital photomanagement and sharing, gaming, parental controls, home networking, andother features and functions within the home or premises (e.g., homemonitoring and control). Users can access their content and many of thesolution's features remotely. Moreover, software updates for the in-homedevices that require updating are handled in an automated fashion by thesystem infrastructure. The service center infrastructure additionallyprovides a web interface for third (3^(rd)) party service providers toround out the service solutions provided at the appliance for thepremises.

Gateway Appliance Software and Hardware Architecture

The composition of the premises gateway appliance 10 according to thepresent invention is now described in greater detail with reference toFIGS. 2A-2C. As shown in FIG. 2A, the gateway appliance 10 comprises alayered architecture 100 enabling the encapsulation of similarfunctionality; minimization of dependencies between functions indifferent layers; and facilitates reuse or sharing of logic across thelayers to provide a managed service framework 120. The servicemanagement functionality provided by the framework enables deployment ofnew services as pluggable modules comprising computer readableinstructions, data structures, program modules, objects, and otherconfiguration data in a plug and play fashion. The layered servicearchitecture 100 additionally provides the appliance with intra processcommunication and inter process communication amongst the many servicesand modules in the service framework layer that enables theprovisioning, management, and execution of many applications andservices 130 depicted, e.g., Services A, B, . . . , N at the gateway.Additionally, provided are the application service interfaces 140 thatenables communication from user endpoint devices with serviceenvironments. FIG. 2A thus depicts a high level service framework uponwhich are built services, e.g., downloaded via the support network aspackages that are developed and offered by a service entity forcustomers.

More particularly, as shown in FIG. 2B, a base support layer 102comprises essential hardware components including a processor device152, e.g., a system on chip central processing unit (“CPU”) thatincludes processing elements, digital signal processor resources, andmemory. The CPU 152 is also coupled to a random access memory (“RAM”)and additionally, non-volatile hard drive/disk magnetic and/or opticaldisk memory storage 154. Generally, the above-identified computerreadable media provide non-volatile storage of computer readableinstructions, data structures, program modules, objects, and other datafor use by the gateway device. As mentioned, the non-volatile harddrive/disk magnetic and/or optical disk memory storage 154 is preferablypartitioned into a network side which is the repository for storing allof the service logic and data associated with executing servicessubscribed to by the user and is invisible to the user, and a userpartition for storing user generated content and applications in whichthe user has visibility. Although not shown, the CPU 152 may be coupledto a microcontroller for controlling a display device. Additionalhardware components include one or more Ethernet LAN/WAN interface cards156 (e.g., 802.11, T1, T3, 56 kb, X.25, DSL or xDSL) which may includebroadband connections (e.g., ISDN, Frame Relay, ATM, Gigabit Ethernet,Ethernet over SONET, etc.), wireless connections, or some combination ofany or all of the above, one or more USB interfaces 158, and the PCMCIAEvDO interface card 160. A data encryption/decryption unit 162 isadditionally provided as part of the architecture for providing datasecurity features. A watchdog timer element or like timer reset element164 is provided as is one or more LED devices 166 for indicating statusand other usable information to users of the appliance. As further shownin FIG. 2B, the device drivers layer 104 comprises all of the devicedrivers for the various interfaces including a device driver for the USBinterface, PCMCIA and Ethernet interface cards, a LED controller, and anintegrated device electronics (“IDE”) controller for the hard disk drivedevice provided. Additionally, as shown as part of the hardware anddevice driver components is the WiFi LAN access point 62 andcorresponding 802.11 b/g/n wireless device driver.

As mentioned above, the gateway appliance provides an in-premisesfootprint enabling the service connectivity and local management toclient(s). The implementation of functions and the related control suchas a router (with quality of service (QoS)), firewall, VoIP gateway,voice services, and voice mail may be embodied and performed within theCPU 152.

Continuing, as shown in FIG. 2B, the device driver layer 104 comprises amultitude of driver interfaces including but not limited to: a PCMCIAdriver 104 a for enabling low level communication between the gatewayand the PCMCIA network interface card wireless interface, an IDE driver104 b for enabling low level communication between the gateway and thelocal mass memory storage element, an Ethernet driver 104 c for enablinglow level communication between the gateway and the Ethernet networkinterface card, a LED driver/controller 104 d, a USB driver 104 e, and awireless network driver 104 f. The drivers provide the connectivitybetween the low level hardware devices and the operating system 106which controls the execution of computer programs and providesscheduling, input-output control, file and data management, memorymanagement, and communication control and related services for theappliance. With respect to the operating system, the appliance maycomprise a computing device supporting any embedded operating system,any real-time operating system, any open source operating system, anyproprietary operating system, or even any operating systems for mobilecomputing devices as long as the operational needs of the clientdiscussed hereinbelow can be met. Exemplary operating systems that maybe employed include Windows®, Macintosh, Linux or UNIX or even anembedded Linux operating system. For instance, the gateway appliance maybe advantageously provided with an embedded operating system 106 thatprovides operating system functions such as multiple threads, first-infirst-out or round robin scheduling, semaphores, mutexes, conditionvariables, message queues, etc.

Built upon the system operating system 106 is a system services supportlayer providing both client-like and server-like functions 108 thatenable a wide range of functionality for the types of services capableof being managed by the gateway appliance. For instance, there isprovided a Dynamic Host Configuration Protocol (DHCP) client and serversoftware modules. The DHCP client particularly requests via a UDP/IP(User Datagram Protocol/Internet Protocol (e.g., Ipv4, Ipv6, etc.))configured connection information such as the IP address that thegateway appliance has been dynamically assigned by a DHCP service (notshown), and/or any subnet mask information, the gateway appliance shouldbe using. The DHCP server dynamically assigns or allocates network IPaddresses to subordinate client endpoints on a leased, i.e., timed,basis; a Virtual Private Network (VPN) client which may communicate viaa proxy server in the service control network according to a VPNprotocol or some other tunneling or encapsulation protocol; a SMPTclient for handling incoming/outgoing email over TCP in accordance withthe Simple Mail Transfer protocol; a Network Time Protocol (NTP) (RFC1305) for generating and correlating timestamps for network events andproviding generally time synchronization and distribution for theInternet; a Domain Name Server (DNS) client and server combination whichare used by the IP stack to resolve fully-qualified host or symbolicnames, i.e., mapping host names to IP addresses; a HTTP(S) serverhandles for handling secure Hypertext Transfer Protocol (HTTP) (SecureSockets Layer) communications for providing a set of rules for exchangesbetween a browser client and a server over TCP. It provides for thetransfer of information such as hypertext and hypermedia and for therecognition of file types. HTTP provides stateless transactions betweenthe client and server; a Secure File Transfer Protocol (SFTP) client andserver combination which protocols govern the ability for file transferover TCP; a SAMBA server which is an open source program providingCommon Internet Files Services (CIFS) including, but not limited to,file and print services, authentication and authorization, nameresolution, and service announcement (browsing); an EvDO/PPP driverincluding a Point-to-Point Protocol (PPP) daemon configuration; a PPPoE(Point-to-Point Protocol over Ethernet) client which combines thePoint-to-Point Protocol (PPP), commonly used in dialup connections, withthe Ethernet protocol, and which supports and provides authenticationand management of multiple broadband subscribers in a local area networkwithout any special support required from either the telephone companyor an Internet service provider (ISP). This device is thus adapted forconnecting multiple computer users on an Ethernet local area network toa remote site through the gateway and can be used to enable all users ofan office or home share a common Digital Subscriber Line (DSL), cablemodem, or wireless connection to the Internet; a Secure Shell or SSHserver implemented with HTTP protocol that provides network protocolfunctionality adapted for establishing a secure channel between a localand a remote computer, and encrypt traffic between secure devices byusing public-key cryptography to authenticate the remote computer and(optionally) to allow the remote computer to authenticate the user.Additionally, provided as part of the system services layer 108 isintelligent routing capability provided by an intelligent router device185 that provides Quality of Service (QoS, guaranteed bandwidth)intelligent routing services, for example, by enforcing routing protocolrules and supporting unlimited multiple input sources and unlimitedmultiple destinations, particularly, for routing communications tonetworked digital endpoint devices subordinate to the gateway; and acentral database server 183 for handling all of the database aspects ofthe system, particularly, for maintaining and updating registries andstatus of connected digital endpoint devices, maintaining and updatingservice configuration data, services specific data (e.g., indexes ofbacked-up files, other service specific indexes, metadata related tomedia services, etc.) and firmware configurations for the devices, andfor storing billing and transaction detail records, performancediagnostics, and all other database storage needs as will be describedin greater detail herein.

Referring back to FIGS. 2A and 2B, built on top of the system serviceslayer 108 is the platform management layer 110 providing a softwareframework for operating system and communications level platformfunctionality such as CPU management; Timer management; memorymanagement functions; a firewall; a web wall for providing seamless WWWaccess over visual displays via access technologies enumerated herein,e.g., HTTP, SMS (Short Messaging Service), and WAP (Wireless AccessProtocol); QoS management features, Bandwidth management features, andhard disk drive management features.

Further provided are platform management features 110 as shown in FIG.2C that include a platform manager module which will implement uniquerules based notification services on operational failure, i.e., when oneof the components or services fails, the platform manager would detectthis failure and take appropriate action such as implement a sequence ofrules; a scheduler module for managing scheduled device maintenance,managing scheduled services, e.g., back-up services, etc.; a diagnosticsmodule; a firmware upgrades management module for managing firmwareupgrades; a resource management module for managing system resources anddigital contention amongst the various resources, e.g., CPU/Bandwidthutilization, etc.; and a display management module and a loggermanagement module for storing and tracking gateway log in activity ofusers and applications, e.g., voice call logs, at the premises. As willbe explained in greater detail, the platform management layer in concertwith resource and service management components enforces the separationof network side managed service control and user side delegationsdepending upon service subscriptions and configurations. For example,the platform and resource management encompass rules and guidelinesprovided according to subscribed services that act to enforce, manageand control input/output operations, and use of hard drives space, etc.A demarcation point is thus defined that provides a hard line betweenwhat is owned by the customer and what is owned by the service provider.

Referring back to FIGS. 2A and 2C, built on top of the platformmanagement layer 110 is the Services Framework 120 providing a libraryof application support service processes that facilitate data collectionand data distribution to and from the multimedia access devicesincluding, but not limited to: authentication management for use inauthenticating devices connected to the gateway; billing management forcollecting and formatting service records and service usage by endpointdevices, e.g., calls, back-up services, etc.; fault management fordetecting and managing determined system and/or service faults that aremonitored and used for performance monitoring and diagnostics; databasemanagement; a control channel interface via which the gateway initiatessecure communications with the operations support infrastructure;configuration management for tracking and maintaining deviceconfiguration; user management; service management for managing serviceconfiguration and firmware versions for subscribed services provided atthe gateway appliance; and statistics management for collecting andformatting features associated with the gateway appliance. Statisticsmay relate to use of one or more services and associated time-stampedevents that are tracked.

Referring back to FIGS. 2A and 2C, built on top of the ServicesFramework layer 120 is the Application Services Framework 130 providinglibrary of user applications and services and application supportthreads including, but not limited to: file sharing functionality;backup services functionality; home storage functionality; networkdevice management functionality; photo editing functionality; homeautomation functionality; media services functionality; call processingfunctionality; voice mail and interactive voice response functionality;presence and networking functionality; parental control functionality;and intelligent ads management functionality. The multi-servicesapplications gateway 10 further provides application service interfaces140 that are used to enable a variety of user applications andcommunications modalities. For instance, the SIP Interface 141 is aninterface to the generic transactional model defined by the SessionInitiation Protocol (SIP) that provides a standard for initiating,modifying or terminating interactive user sessions that involve one ormore multimedia elements that can include voice, video, instantmessaging, online games, etc., by providing access to dialogfunctionality from the transaction interface. For instance a SIPsignaling interface enables connection to a SIP network that is servedby a SIP directory server via a Session Border Controller element in theservice center 50 (FIG. 1A). The Web Interface 142 enables HTTPinteractions (requests and responses) between two applications. The IMInterface 144 is a client that enables the multi-services gatewayappliance connection to one or more specific IM network(s). The XMPPinterface 145 is provided to implement the protocol for streaming (XML)elements via the appliance in order to exchange messages and presentinformation in close to real time, e.g., between two gateway devices.The core features of XMPP provide the building blocks for many types ofnear-real-time applications, which may be layered as an applicationservice on top of the base TCP/IP transport protocol layers by sendingapplication-specific data qualified by particular XML namespaces andmore particularly, provide the basic functionality expected of aninstant messaging (IM) and present an application that enable users toperform the following functions including, but not limited to: 1)Exchange messages with other users; 2) Exchange present information withother devices; 3) Manage subscriptions to and from other users; 4)Manage items in a contact list (in XMPP this is called a “roster”); and5) Block communications to or from specific other users by assigning andenforcing privileges to communicate and send or share content amongstusers (buddies) and other devices. As further shown in FIG. 2C, the UpNp(Universal Plug and Play) 147 interface enables connectivity to otherstand-alone devices and PCs from many different vendors. The Webservices interface 149 provides the access interface and managesauthentication as multi-services gateway appliances access the servicecenter 50 (FIG. 1A) via web services.

Gateway Device Boot Sequence and Initialization

FIG. 2D depicts a boot sequence and initialization process 170 for thegateway appliance 10 of FIG. 1A. In response to turning on or resettingthe appliance at step 172, the circuit board supporting the CPU chipelement is initialized at step 174, and the board comprising the devicedrivers, serial console, Ethernet connection, WiFi connection, LEDconnection, USB connection, IDE hard drive connection, and the watchdogtimer are all initialized at step 176. Then, the operating system (OS)layer is initialized including the base kernel, base OS modules, toprovide basic services as indicated at step 178. Then, the basic OSservices are initialized at step 179 including the Sshd, Ftpd, DNS,DHCP, and UpNp. Then, at step 180, customized kernel initialization isperformed including the kernel modules such as Intelligent Routing, theQoS, the firewall, the web wall, encryption and watch dog timer controlat step 182, and the kernel threads such as CPU management, memorymanagement, hard disk drive management, and time management threads atstep 184. Then, at step 186, the platform manager component of theappliance is initialized that starts system services and servicemanagers for all services; the system services are then initialized atstep 190, system management (e.g., Resource manager, Firmware Upgrademanager, Diagnostics manager and the Scheduler manager components, etc.)as shown at step 192, and service management (e.g., Service Manager, thenetwork operations support center control channel client, the Billingmanager, Stats manager, and Alarms manager components, etc.) as shown atstep 194 that provide the services framework upon which the plurality ofapplications and services are built as shown in FIG. 2A. Finally, atstep 196, the various subscribed to application services are initializedincluding, for example, but not limited to: the PBX server, Mediaserver, file manager server, home automation server, presence andnetworking server, parental control services, and advertisementservices, etc. The architecture such as shown in FIGS. 2A-2D provides acontrolled managed services model for an IM messaging infrastructure.

Demarcation

As shown in FIG. 3, in one aspect of the invention, the gatewayappliance includes functionality for combining the storage availablefrom its own internal and attached hard drive(s) 154 with any NetworkAttached Storage device 158 on the network to create a single virtualfile system that consumers can use like a single drive. The gateway willautomatically detect, mount, and manage the connections to the NASdevices and add them to its own file system. Users of the gateway arethus presented with a single consolidated storage device that they canaccess just like another drive on their PC. Users will not be exposed tothe underlying protocols and management features required to providesuch a feature. Users will no longer have to use each of the storagedevices separately.

However, as further shown in FIG. 3, a virtual demarcation 155 isenforced at the centralized disc storage device 154 of the gatewayappliance, e.g., which may comprise one or more physical hard drives, tophysically and logically isolate the storage partition 156 where servicelogic and associated data for implementing services from serviceprovider and/or downloaded media content are stored, and anotherpartition 157 where user generated data, e.g., user files, is stored.The partition 156 belongs to the service center 50 that is limited toreceiving logic and intelligence for the appliance and backed-up userfiles, all of which is managed by the service control network andenforced locally at the gateway; the other partition 157 is storage thatis user accessible and includes a user accessible graphic user interfacewhich may be accessed by a digital endpoint device, e.g., a PC,programmed to enable visibility if granted to the user. Thus, the useris enabled to skew the demarcation point depending upon the amount ofcontrol granted or authorized to the user according to subscribedfeatures and service configurations. This separation within the gatewayappliance 10 is an enabler for delivery of the service logic thatresides on the appliance on the network side of the virtual demarcation.That is, the service provider offers all of its services upstream ofthis demarcation point and the customer can choose which service isselected that is within the control of the service provider's network.

While the service center 50 is responsible for placement of servicemodules and data beyond the demarcation point, the appliance 10 isequipped with certain functional elements such as encryption techniques,local directory obfuscation techniques, and local enforcement to preventuser visibility beyond the demarcation point that belongs to the serviceprovider unless the user is enabled with such visibility. Theintelligence and service logic that is on the appliance according to theinvention is managed by the service center and provides the logic tolimit user access.

FIG. 3 illustrates the virtual demarcation point within the gatewayappliance located on the customer premise that occurs somewhere withinthe device allowing the customer and service provider to skew thephysical location of the demarcation. The demarcation within this devicecan occur on a physical storage medium, e.g., hard disk drive 154 asshown in FIG. 2B, that has been sectored for different user, or in avirtual memory location, e.g., locations 155 a, 155 b or 155 c, based onthe service levels being offered, e.g., service A, service B or serviceC, respectively. This approach allows the customer more flexibility inmanipulating the service rendered and services offered by the provider.By allowing the demarcation closer to the customer, this allows morecontrol of features from the customer and allows the service providercloser control of the customer infrastructure without owning it all.Thus, with this device in place, the new demarcation moves based on theservice.

For an example of demarcation control, if some data is required to bestored, e.g., a downloaded movie, the customer can store it locally,securely locally, or securely remotely. While it is the customer'sresponsibility to do storage locally and securely locally, with the newvirtual demarcation, the service of providing locally secure data is nowpart of an offering of the service provider. While the data is still onsite, the data is under control of the service provider and followsservice agreements for that storage of data.

As another example of demarcation control, two movies may be downloadedand stored at the service center's partitioned side beyond thedemarcation point as requested by a user via a user interface through adevice connected to the appliance. This user interface, enabled via theuser partition of the gateway appliance, is accessed through a PC, a TV,and cell phone. After authentication, the user could select andprioritize movies to purchase, for example, in compliance with the mediacontent service provider. The choice of interfaces and amount ofvisibility by endpoint devices accessing this user interface has beenoptimally designed from a contention standpoint from perspective ofcontrols, security, network service control manageability, and cost. Inresponse, the selected movie(s) are downloaded to the service center'sside 156 of the partition as shown in FIG. 3. Unless and until the userhas purchased the movies for playback via an authentication process,that user will be prevented from accessing the content. Otherwise, theuser may initiate streaming of the content directly to a digitalendpoint device, e.g., a television, or will be granted permissions todownload and play the movie according to the subscription with the mediacontent provider as managed by the gateway device. If the user haspurchased the movie, the movies may be transferred physically to theuser storage portion of the partition. Otherwise, the content may betemporarily copied for local storage by the user at the user accessibleportion of the demarcation point for playback at the user endpointdevice.

Another example of demarcation control is the manipulation of featuresfor a given service. Currently a subscription order is processed, andthese features are manipulated within the service provider's network andsent down to the customer for provisional changes to equipment at theservice center's side of the demarcation point. Via a GUI establishedfor the endpoint device when connected with the gateway, whenauthenticated, files may be unlocked so the customer may locallymanipulate services before and after demarcation point, therebyvirtually shifting the demarcation point. Thus, a virtual demarcationpoint allows service providers flexibility in offering differentservices and features. Example services include, but are not limited toservices such as: parental control, advertisement monitoring andreplacement, home user habit monitoring, home channel monitoring, andback-up services.

Gateway Processing

For the in-home services, the multi-services gateway appliance connectsthe various service delivery elements together for enabling the user toexperience a connected digital home, where information from one source(for example, voicemail) can be viewed and acted on at another point(for example, the TV). The multi-services gateway appliance 10 thushosts the various in-home device interfaces and facilitates the movingof information from one point to another. Some of the in-home endpointdevice processing duties performed by the appliance 10 include, but arenot limited to: 1) detecting new devices and provide IP addressesdynamically or statically; 2) functioning as a (Network AddressTranslator) NAT, Router, and Firewall; 3) providing a centralized diskstorage in the home; 4) obtaining configuration files from the networkand configures all in-home devices; 5) acting as a Registrar forSTP-based devices; 6) receiving calls from and deliver calls to voicedevices; provide voicemail services; 7) decrypting and securelystreaming DRM'd media; 8) distributing media to an appropriate in-homedevice; 9) compressing and encrypting files for network back-up; 10)backing-up files to the network directly from appliance; 11) handlinghome automation schedules and changes in status; 12) providing in-homepersonal web-based portals for each user; 13) providing Parental ControlServices (e.g., URL filtering, etc.); 14) creating and transmittingbilling records of in-home devices including recording and uploadingmulti-service billing event records; 15) distributing a PC client toPC's in the home used in support of the various services such asmonitoring events or diagnostic agents; 16) storing and presenting gamesthat users and buddies can play; 17) delivering context-sensitiveadvertising to the end point device; 18) deliver notifications to theendpoint device; and 19) enabling remote access through the web, IMclient, etc. Other duties the gateway appliance 10 may perform include:service maintenance features such as setting and reporting of alarms andstatistics for aggregation; perform accessibility testing; notifying aregistration server (and location server) of the ports it is “listening”on; using IM or like peer and presence communications protocolinformation for call processing and file sharing services; receivingprovisioning information via the registration server; using a SIPdirectory server to make/receive calls via the SBC network elementto/from the PSTN and other gateway appliance devices; and downloadingDRM and non-DRM based content and facilitating the DRM key exchangeswith media endpoints.

Gateway Appliance Interfaces

As mentioned, in one embodiment, the gateway appliance behaves as a DHCP(Dynamic Host Configuration Protocol) server managing and automating theassignment of Internet Protocol (IP) addresses in a premise (home)network and may be installed in the premise (home) network behind theaccess modem such as DSL (digital subscriber line)/cable/DOCSIS (DataOver Cable Service Interface Specification). FIGS. 1B(1) and 1B(2)illustrate the gateway appliance connection to the in-premise devices indifferent embodiments. In FIG. 1B(1), a gateway appliance 124 connectsto a broadband modem 122 for access to the WAN and acts as a replacementto a router in a network, connecting to various endpoint devices 132. Inanother embodiment, FIG. 1B(2) shows a gateway appliance 129 acting as aLAN connection on an existing router 128. The existing router 128functions as a bridge and the gateway appliance 129 behaves as therouter connecting to various endpoint devices 134. In this embodiment,the WAN connection from and to the appliance 129 is via the exitingrouter 128 acting as a bridge.

In support of the gateway primary processing for handling all aspects ofthe digital home as described herein with respect to FIGS. 1A-1B(2), theGateway Appliance provides the interfaces to the following in-homedevices: 1) an interface to the Digital Media Adapter (DMA) 35 b fortelevision (TV) enabling bidirectional wireline or wirelesscommunication. This interface supports several functions for multipleservices including, but not limited to: media (video and music) byenabling the transfer of media (video and music) to the TV via a peerand presence messaging protocol; voice services by providing for CalledLine ID and for voice mail control; and provide Home Automation Servicesincluding obtaining status and control of networked home automationdevices; 2) a bidirectional wireline or wireless interface to a PCdevice for supporting the transfer of media (video and music) to thecomputer for storage and viewing; for supporting voice services, e.g.,by providing for calls from SIP soft clients; for file sharing via apeer and presence messaging protocol notification, file back-up, andhome storage functions, this interface will provide for thebidirectional moving of files; and for Home Automation Services, it willprovide status and control of networked home automation devices; 3) aunidirectional wireline or wireless Media Streamer interface forenabling the sending of audio content to a Media Streamer, which in turnwill provide the audio to a receiver/amplifier of a Home Sound System(stereo or digital multi-channel); 4) a unidirectional wireline orwireless Internet Radio Interface that provides for sending of audiocontent to an Internet Radio; 5) a unidirectional wireline or wirelessinterface to a Portable Media Player (PMP) that provides for sendingaudio content to a PMP; 6) a bidirectional Phone Adapter/PSTN Gateway(PAPG) Interface that provides for configuring and registering of thePAPG with the gateway appliance via exemplary Session InitiationProtocol (SIP), FTP, HTTP over Ethernet protocols, and provides forsending and receiving of calls to/from the PAPG; 7) a SIP PhoneInterface that is similar to the PAPG interface; and a bidirectionalwireless or wireline Home Automation Controller Interface that providesfor updating the controller of existing devices, changing device states(for example, “light on”) and relaying device status from the endpointdevice to the gateway appliance via the controller. The PAPG is a SIP toPSTN adapter having an Ethernet port on one side and a FXS (foreignexchange station) and a FXO (foreign exchange office) port on the other.A user can thus plug a phone into the FXS and can plug a telephone linefrom the central office into the other.

With respect to the media adapter element 35 b shown in FIG. 1A, thisdevice converts audio and video (optionally) to a format suitable for aTV (HMDI/DVI/HDCP/Component/RCA). In addition, the media adapter 35 b iscapable of receiving context-sensitive commands from a remote controldevice (not shown). This enables the use of menus on the TV forcontrolling services for various functions. The media adapter element 35b may be physically combined with the gateway 10 and/or the mediaadapter element 35 b may be physically combined with set top boxfunctions 35 a. Thus, the media adapter/TV combination is enabled toprovide the following features including, but not limited to: display ofmedia; media control functions, when enabled (FF, REW, STOP, PAUSE,etc.); display of CLID (Caller ID); control of voicemail; pictureviewing; control of home automation; and some user functions for thegateway appliance.

With respect to the Set Top Box 35 a as shown in FIG. 1A, this devicehandles rendering of media content suitable for television, digitaldecryption, and other DRM functions, Video on Demand purchases, etc. TheSet Top Box/TV combination thus enables: media format conversion (forexample NTSC to ATSC); decryption; other DRM functions (such as expiryof leases), prohibition of copying to digital outputs, functionrestriction, etc.; Video on Demand purchases; and media controlfunctions (e.g., FF, REW, STOP, PAUSE, etc.). With respect to PCsinterfacing with the gateway appliance, these devices serve as filesources, control points and hosts for various clients. That is,computers will provide: source/target for files to be shared, backed-upor transferred to home storage; access a personal web page withnotifications, RSS, shared photos, voicemail, etc.; browser control forhome administrator and user, and a host for IM and SIP softphone clientsand other client devices. Further, with respect to PAPG (incl.Integrated Access Devices) and SIP phones, the PAPGs and SIP phonesserve as SIP endpoints. Additionally, the IADs connect to FXS phones orfaxes and the PAPGs contain IAD functions and also connect to the localPSTN via a FXO port. Thus, the following functions are provided: SIPuser agent signaling; voice and video capabilities (SIP phones); FXSsignaling (IAD and PAPG); FXO signaling to PSTN (PAPG) and, telephonyfeature support.

Logical Architecture and Support Network Infrastructure

While the gateway appliances as described above are each equipped withvarious logic and intelligence for service features that enable thegateway appliances to provide various integrated digital services to thepremise, as described herein with respect to FIG. 1A, the networkelements 50 referred to also as support center (SC) supports and managesmulti-services gateway appliances, for instance, so as to control theaccessibility to functionalities and service features provisioned in thegateway appliances and the ability to communicate with other gatewayappliances and various digital endpoint devices connected thereto.Examples of various functionalities performed by the network supportinfrastructure include, but are not limited to: service initializationof the gateway appliances, providing security for the gateway appliancesand the network support infrastructure, enabling real time secure accessand control to and from the gateway appliances, distributing updates andnew service options to the gateway appliances, providing service accessto and from the gateway appliances and remote access to the gatewaydevices, but not limited to such. In support of these services, theservice center provides the following additional services and features:authentication; multi-service registration; subscription control;service authorization; alarm management; remote diagnostic support;billing collection and management; web services access; remote access togateway appliances (e.g., via SIP or Internet/web based communications);reachability to access challenged gateway appliances; software updates;service data distribution; location service for all services; SIP VoIPservice; media services; backup services; sharing services;provisioning; gateway interfaces to other service providers (Northboundand peering); load balancing; privacy; security; and network protection.

The logical network architecture for the support network infrastructuredelivering these capabilities is illustrated in FIG. 4. It should beunderstood that the functional components described in view of FIG. 4may be combined and need not be running on discrete platforms orservers. Rather one server or component may provide all thefunctionalities for providing managed network of gateway appliances. Inaddition, any one of the components shown in FIG. 4 may perform any oneof the functionalities described herein. Thus, the description in thepresent disclosure associating certain functions with certain componentsare provided for ease of explanation only and the description is notmeant to limit the functionalities as being performed by thosecomponents only. Thus, the network elements or components 50 shown inFIG. 4 illustrate logical architecture only and the present inventiondoes not require the specific components shown to perform specificfunctionalities described. Moreover, the functional components may usedistributed processing to achieve a high availability and redundancycapacity.

The one or more network elements 50 illustrated in FIG. 4 support thegateway appliances 10 that are services point of presence in premisessuch as the home and the endpoint devices connected thereto. Examples offunctionalities provided in the support network 50 may include, but arenot limited to the following. Upgrades to gateway appliance firmware andvarious endpoint devices may be managed in the support network 50, forexample, by a firmware update manager server 51. VOD (video on demand)functionalities, for example, serviced by VOD servers 52, ingestwholesale multi-media content and provide DRM-based premium content tothe multi-services gateway appliance and endpoint devices. The supportnetwork 50 also may enforce DRM policies, for example, by a conditionalaccess server 54, by providing key-based access and initiating billingprocesses. The support network 50 may also provide functionalities suchas collecting billing information and processing billing events, whichfor instance may be handled by billing aggregator sub-system 58. Thesupport network 50, for example, using one or more connection managerservers 60 may establish and maintain a signaling control channel witheach active multi-service gateway appliance. Message routingfunctionality of the support network 50, for example, one or moremessage router devices 62, may provide intelligent message routingservice for the network and maintain gateway device presence andregistration status in an internal SC session manager sub-system.Publish and subscribe functionality of the support network 50, forexample, a publish/subscribe (pub/sub) server sub-system 65 may providepublish and subscribe messaging services for the multi-services gatewayappliances and the network elements.

The support network 50 may provide SIP-based directory services forvoice services, for example, by its SIP directory server 66. Inaddition, location service functionality, for example, provided by thelocation server 68 may include IP and port level services for allinbound services. DNS services functionality may be provided by a DNSserver 69 for all inbound services. The support network 50 may alsoprovide virtual private network functionalities, for example, handled byits VPN server/subsystem 70, and provide VPN connection services forcertain inbound services on multi-services gateway appliances. VPNconnection services may be provided on those multi-services gatewayappliances that have accessibility challenges, for example, those thatare behind external firewalls and NATS. The support network 50 may alsoinclude functionality for determining the nature of the accessibilityconfiguration for the multi-services gateway appliances. For example,the accessibility test determines whether the appliances are behind afirewall, whether NATS is required, etc. In one embodiment,accessibility service may be performed by an accessibility server 72that functions in cooperation with the multi-services gateway applianceto determine the nature of the accessibility. The support network 50also functions to provide provisioning services to all SC networkelements 50 and multi-services gateway appliances 10. Such functionalityof the support network 50, for example, may be implemented by theprovisioning server 74 in one embodiment. Authentication functionalityof the support network 50, for example, provided by an authenticationserver 71 provides authentication services to all SC network elementsand multi-services gateway appliances. Subscription functionality of thesupport network 50, for example, provided by a subscription manager 73provides subscription services to all multi-services gateway appliances.The support network 50 may include functionality for providing managingservices for each of the services provided in the gateway appliance. Forexample, service managers 75 store and serve to distribute servicespecific configuration data to the multi-services gateway appliances.Service access test functionality of the support network 50 performstests to multi-services gateway appliances to verify the accessibilityfor each subscribed service. Such functionality may be provided byservice access test managers 77. The support network 50, for example, inan alarm aggregator subsystem 82 may aggregate alarms received from themulti-services gateway appliances. The support network 50 also includefunctionalities to support, for instance, by an alarms, diagnostics andnetwork management server 85, network management and network managementservices. The support network 50 enables web interface communicationmechanism, for example, via a Web services interface server 90 to, forexample, provide access interface and manage authentication asmulti-services gateway appliances access the SC for various services.

Additional SC network functionalities shown in FIG. 4 may includeproviding HTTP redirection services for public web access to themulti-services gateway appliances, which functions, for example, may beprovided via a public Web redirect server 91. Public SIP redirect/proxyfunctionality provides, for instance, via a public SIP redirect/proxyserver 92, SIP redirection and proxy services to public remote SIPphones and devices. The support network 50 also may includefunctionalities to provide a SIP-based network border interface andbilling services for off-net voice calls. Such functionality in oneembodiment may be provided in a Session Border Controller device 93 a.Another functionality of the support network 50 may be providing SBCservices to SIP roaming SIP callers in certain situations, whichfunctionality, for example, may be provided by a Roaming SBC device 93b. The support network 50 also functions to provide dynamic NAT servicesduring certain SIP roaming scenarios. Such functionality may beimplemented in the Roamer Dynamic NAT Server 94.

The support network 50 further may provide off-site backup services forthe SC network to a Wholesale Back-up Provider 96. The support network50 further interoperates with Wholesale VoIP Provider 97, which mayprovide VoIP call origination/termination services for off-net voicecalls. For instance, as will be described in greater detail herein, thesupport network 50 may provide VoIP/PSTN gateway that enables atranslation between protocols inherent to the Internet (e.g., voice overInternet protocol) and protocols inherent to the PSTN. Other entitiesthat may be partnered with the support network as shown in FIG. 4include the content providers 98 that provide media-based content(including, but not limited to music, video, and gaming) to the SCnetwork 50, gateway interfaces 101 for billing, alarms/NWM, provisioninginterfaces for partnered wholesale providers (e.g., peering interfaces),and service provider customers (e.g., North bound interfaces).

Gateway and Service Network Initialization

FIGS. 5A-5C describe high-level aspects of an initialization technique200 for establishing a gateway appliance's connection to and enablingcommunication with the support network service center, and further theprovisioning and management and maintenance of services. After power isapplied to the appliance, a boot sequence is executed that loads thesoftware modules of the gateway appliance at step 203.

As shown in FIG. 5A, a gateway appliance device is fully enabled if asubscriber activation code and optionally, the WAN configurationinformation is provisioned. Thus, optionally, at step 206, adetermination is made as to whether the appliance's WAN configurationinformation is provided. If not, the process proceeds to step 207 wherethe system obtains from the user the gateway appliance's WANconfiguration. At step 210, a determination is made as to whether thegateway appliance is fully enabled. If the gateway device is not fullyenabled, the process is performed at step 213 to obtain an activationidentifier (ID) from the user. It should be understood however, thatbefore full activation, minimal functionality could be provided. Oncethe appliance is fully enabled, at step 216, there is initiated theprocess of initializing the router/firewall and establishing the WANconnection. In one embodiment, a Transport Layer Security (TLS)connection is established with the connection manager serverfunctionality at the support network and communications with the supportnetwork at step 218. This TLS connection in one embodiment is a signalchannel that is always-on for transacting various communications withthe support network, for example, for the duration that the gatewayappliance is powered on and providing its services and functionalitiesas the in-premise or in-home platform for endpoint devices associatedwith the premise. Continuing to step 220, the appliance then sends anauthentication request including an authentication digest using ahardware identifier, an activation code, and a subscriber ID, and waitsfor an authentication response. At step 222, the process waits until theauthentication notice or like response is received. If theauthentication response is not received, the process terminates as shownat step 225. If the gateway appliance becomes authenticated, at step228, the appliance requests from the SC the authentication keys andstores them at the appliance. These keys are used whenever an appliancehas to be authenticated, e.g., when conducting a transaction oraccessing the support center network, for example, through a webinterface or a control signal channel.

Continuing to step 230 in FIG. 5A, the gateway appliance sends a requestto the subscription manager functionality or the like of the supportnetwork, and the appliance waits until it receives a response. Therequest from the gateway appliance includes, for example, the applianceidentifier information. In response, the subscription managerfunctionality of the support network replies with the latest firmwareversion and configuration information for that gateway appliance, forexample, information associated with one or more services currentlysubscribed in that gateway appliance, the latest firmware informationfor the gateway and configuration for all subscribed services. There isalso provided an indicator that identifies a change in user specificservice data for all of the subscribed services, if any. Continuing toFIG. 5B, at step 233, the gateway appliance determines whether itsfirmware versions are up to date by checking the received versionnumbers with version numbers that currently exist in the appliance. Ifnecessary, the gateway appliance receives the actualfirmware/configuration data from the SC, for instance, through a webservices interface over a secure HTTPS connection in one embodiment. Atstep 235, a determination is made as to whether the user firmwareconfiguration data 235 a and user data 235 b for each service of up to Nservices that the user may be subscribed to are up to date. For eachservice, if it is determined that the firmware configuration data 235 aand user data 235 b are not updated, the gateway appliance may receivesuch data from the support network, for example, over the HTTPSconnection. Continuing to step 237, the appliance may apply theconfiguration/firmware updates immediately or schedule them for anothertime. A user may utilize a GUI to schedule the updates. If certainfirmware needs to be updated right away, there may be a prompt presentedto the user to acknowledge and approve the updates. At step 240, agateway appliance accessibility test is performed to determine if a VPNconnection to the support network is needed. This may happen if thegateway appliance is behind a firewall or the like that protects theappliance from the public access. The test, for example, may beoptional. In one embodiment, this test is done on start-up, and, forexample, for cases when the appliance is disconnected from the WAN or anew IP address from the WAN is assigned. An accessibility testingfunctionality of the support network, for example, may send a connectionrequest (such as stun or ping) in order to try to reach the gatewayappliance. Different port numbers on a given IP address may be testedfor reachability to the gateway appliance.

Continuing to step 245 in FIG. 5C, a determination is made as to whetheraccessibility has been challenged, e.g., the device lies behind afirewall at a private IP address. If accessibility has been challenged,then at step 248, a connection with a VPN is established. Step 250represents the step of storing the WAN and VPN IP addresses to be usedfor inbound services. Examples of inbound services may include, but notlimited to, voice service, remote web access, etc. At step 253, thegateway appliance sends a message to the support network, for example,which message is routed to service manager and subscription managerfunctionalities of the support network. The message informs the servicemanager and subscription manager functionalities, the gatewayappliance's current version, and configuration information. Registeringwith those server functionalities may initiate notify handler servicethat enables asynchronous configuration, firmware, and/or user dataupdates. At step 255, a general multi-purpose registration is performed,whereby a service register request message is sent from the servicemanager to a location server functionality of the support network. Thisrequest message tells the location server functionality that the gatewayappliance is ready to accept inbound services on a given IP address andport number. Thus, the information may include the IP address (WAN/VPN)and/or other specific data for informing the location serverfunctionality how to find the gateway appliance. In one embodiment, aclock on a gateway appliance may be set when the appliance re-registerswith the support network.

Architectural Overview for Establishing Connections and AuthenticationProcess

FIG. 6A is an architectural diagram illustrating a manner in which themulti-services gateway appliance makes an initial connection to thesupport network 50 in one embodiment of the invention. It is noted thatthe individual components shown in the support network 50 illustratelogical components or functionalities provided in the support network.As mentioned above, a signal channel in an exemplary embodiment isestablished between the gateway appliance and the support network duringthe appliance's initialization process, and in one embodiment thisconnection is maintained for the duration that the appliance is poweredon and is providing its functionalities. Thus, a connection isestablished between the gateway appliance and the connection managerserver functionality 60 or the like in the support network, for example,to provide connection services prior to establishing a session state andauthenticating the gateway appliance. As shown in FIG. 6A, a TCP/TLSconnection 150 is made between the gateway appliance using theappliance's broadband connection and the IP network to connectionmanager server functionality 60 of the services support network. Theconnection manager 60 or the like of the services support network 50receives the session state of the network channel request where controlis implemented to initiate authentication. A message routerfunctionality routes the requesting message to an authentication server71 or the like as shown in FIG. 6A. Prior to establishing any TCP/IPconnection, an authentication is performed, as indicated at 145.

In one embodiment, the connection manager 60 may aggregate plurality ofconnection channels 150 and multiplex these signaling channels to amessage router device 62. The connection managers 60 works with themessage router 62 and the authentication server 71 to authenticate themulti-services gateway appliance and allow its access to the network byenabling the establishment of a control channel 150 providing an “alwayson” control channel between the multi-services gateway appliance and theservices support center 50 once the gateway appliance is authenticated.The connection managers 60 or the like also provides network securityand protection services, e.g., for preventing flooding, DOS attacks,etc. In one embodiment, there may be interfaces such as APIs forinterfacing the connection managers 60 or the like to the messagerouters 62 and the multi-services gateway appliances 10. As the networkof multi-services gateway appliances grow, the number of connectionmanagers may grow to meet the demand for concurrent signaling controlchannel connections.

In one embodiment, message router device(s) 62 or the like providecontrol signal message routing services and session management servicesto the multi-services gateway appliance 10 and the other networkelements of the support center 50. In one embodiment, the message routerdevice 62 has control channel interfaces to the firmware upgrade managerserver, VOD(s), billing system, content managers, pub/subs, serviceaccess test manager, authentication server, service manager,subscription manager, alarms aggregator, network manager and public webproxy redirect, and the multi-services gateway appliances. The messagerouter 62 or the like may also include a session manager subsystem thatmaintains control channel state information about every multi-servicesgateway appliance client in the network. The message router 62 or thelike, and session manager or the like enable sessions to be establishedto each multi-services gateway appliance 10 and each network element andprovide robust routing services between all the components. The messagerouters 62 or the like may additionally connect to other message routersfor geographic based scaling creating a single domain-based controlchannel routing infrastructure. The message routers 62 or the like mayadditionally connect to IM gateways and other message routers thatprovide user based IM services, which may enable users to interactdirectly with their multi-services gateway appliance via IM userclients. Thus, besides providing routing and session management for allthe multi-services gateway appliances and the network elements, themessage router element 62 or the like enables control signaling betweenall the network elements and the multi-services gateway appliances andconnects to IM gateways to provide connectivity to other IM federations.

With respect to authentication functionality, an authenticationcomponent 71 provides authentication services for all the networkelements of the SC. The SC network elements query the authenticationserver to verify the identity of elements, including the multi-servicesgateway appliance, during inter-element communications. Themulti-services gateway appliances may indirectly utilize theauthentication server to verify the identity of the network elements.The interacting network elements may return data that the multi-servicesgateway appliance uses to confirm the network element's identity.

The authentication server functionality 71 may interface to themulti-services gateway appliances and other network elements such as themessage router or the like and session manger servers or the like, theaccessibility server or the like, the service accessibility test mangersor the like, the web services interface or the like, the provisioningserver or the like, the NWM or the like, pub/sub or the like, VOD's,CAs, and the billing system or the like.

Signaling Control Channel

As mentioned herein with respect to FIG. 6A, the connection managerservers 60 or the like functionality in the support network provideconnection services and enable the establishment of a control channel,enabling an “always on” control channel between the gateway applianceand the service support center functions of the support network. Thus,in one embodiment, a gateway appliance establishes a TCP/TLS connectionto the connection manager functionality in the support network as shownat 150.

Authentication

Once the gateway appliance is physically connected to the network, itregisters and authenticates itself on the support network. In oneembodiment, this registration and authentication is done through theabove established secure connection. In one embodiment data link layersecurity may be established by implementing, for example, SimpleAuthentication and Security Layer (SASL). The SASL framework providesauthentication and data security services in connection-orientedprotocols via replaceable mechanisms (IETF RFC 2222). This frameworkparticularly provides a structured interface between protocols andmechanisms and allows new protocols to reuse existing mechanisms andallows old protocols to make use of new mechanisms. The framework alsoprovides a protocol for securing subsequent protocol exchanges within adata security layer. After establishing the TCP/TLS connection betweenthe home appliance and the support network (e.g., connection managerserver or the like) the SASL authentication process is initiatedwhereupon the gateway communicates authentication details to theconnection manager server or the like. The connection manager server orthe like of the support network routes the authentication request to theauthentication server or the like via intermediary of the controlmessage router device or the like and session manager servers or thelike. Once at the authentication server or the like, the gatewayappliance is authenticated, e.g., by processing the authenticationdetails at the authentication server or the like. Additionally, controlaccess information is communicated to a locations server or the likewhich may provide location information updates to, for example, othernetwork functionalities or elements such as a file sharing server,remote web access server, and other elements. Once secure connection(e.g., XMPP connection) is established at step 326, authenticatedsession state between the home appliance and the support network isensured and messages can safely flow to and from the gateway appliance.In one embodiment, authentication credentials may include: user ID,subscriber ID, and a unique identifier (id) that is hardware dependent.In an alternate embodiment, a unique hardware based id need not be sent,however, may be used to hash a string or digest. At this point, anyrequests originating from the gateway appliance may be serviced.

A chat based protocol or presence and peering based messaging protocolis used for the gateway device to establish connection with the supportnetwork. This may comprise a SASL or NON SASL-based XMPP (ExtensibleMessaging and Presence Protocol) described in IETF RFC 3920 and RFC3921. For instance, using XMPP, messages are sent and received betweenthe gateway appliance and the support network (e.g., via connectionmanager and message router functionalities).

During the authentication, if the support network does not contain thegateway appliance registration and subscription information, the supportnetwork may prompt the user via the gateway appliance for theinformation. Such information may include, but is not limited to,gateway identifier such as the MAC address, name for a fully qualifieddomain name (FQDN) which is a complete DNS name such as johndoe.xxx.com,subscriber information such as name, address, email, and phone number.Additionally, service plan information such as file sharing, voice, filebackup, media services, personal page, home automation, billing, towhich the user is subscribing or desires to subscribe, user name andpassword for the subscriber and billing options and information may beobtained.

In one embodiment, before completing the authentication process, thesupport network optionally may display to the user via the gatewayappliance a list of the enabled services allowing the user to confirmthe services enabled, and/or allow the user to add to or delete from theservices enabled. Once the authentication process is completed, thesupport network registers the gateway appliance with otherfunctionalities in the network for enabling different services. Forexample, for phone service there may be a registration process on theSIP redirect server functionality.

Authentication Keys, Service Keys, Dynamic Key Renewal

The gateway appliance and the support network utilize keys or tokens forauthenticating the gateway appliance, web service interface requests,and other services subscriptions, for instance, to verify that thegateway appliances are valid users of the system and services. In oneembodiment, the authentication keys (also referred to as tokens herein)are renewable and may change dynamically for each gateway appliance. Forexample, the authentication server or the like in the SC may generateupdated keys or tokens for all or a selected number of gatewayappliances, notify those appliances periodically or at predeterminedtimes to retrieve the new authentication keys. In another embodiment,the gateway appliances themselves may request the authentication serveror the like to provide a new or updated key. Yet in another embodiment,the updated keys may be pushed to gateway appliances. This way the keysor tokens are periodically refreshed. Such dynamically changing keysenhance security, for instance, making it difficult for hackers to trackthe changing keys.

Each appliance may have more than one authentication key, for instance,for different purposes. For example, there may be different keys ortokens for allowing access to different services or features provided bythe appliance. Thus authentication keys are also referredinterchangeably as service keys or tokens. These service keys may alsodynamically change and are renewable. In one embodiment, the gatewayappliance receives the service keys or tokens when individual servicesare provisioned on the gateway appliance. Thereafter, the service keysmay be updated to change periodically, at a predetermined intervals, orregular intervals.

The keys or tokens themselves, in one embodiment, may be hardware basedkey. In another embodiment, they may be implemented independent of thehardware they are being used on.

Web Services Interface

The support network may also provide web services interfacefunctionality (for example, shown in FIG. 4, 90) that forms anapplication programming interface (API) between the gateway appliancesand the support network as a method to communicate between the gatewayappliances and the support network. That is, in addition to theestablished signaling control channel, the gateway appliances and thesupport network may utilize web services interface to communicate. Forinstance, the gateway appliances and the support network may exchangeinformation via secure HTTP or HTTPS using SOAP, XML, WSDL, etc., or thelike.

When an authentication key is used or embedded in the message in orderto validate the communication between one or more gateway appliances andthe web services interface functionality in the support network. In oneembodiment, the gateway appliance 10 may request from the supportnetwork, for instance, from its authentication server functionality, atemporary key, which is to be used when the gateway appliance 10requests services via the web services interface 90. Preferably, thiskey is not a service specific key, but rather identifies a particulargateway appliance 10 to enter the network center through the webservices interface 90. Every time the gateway appliance 10 requests akey, the authentication server functionality may store the key and theexpiry time of the key. A response message provided from theauthentication server has the key and expiry time. In one embodiment,gateway appliances are responsible to determine a status of the keycompared to the expiry and to request a new key before the expiry time.In another embodiment, the web services interface authentication key maybe assigned during initial registration and may be renewable asdescribed above with reference to dynamic renewable authentication andservice keys.

The web services interface subsequently directs message requests to theappropriate functionality in the support network. The incoming requestsmay be load balanced in one embodiment by the DNS server, and loadingand performance information may be fed back to the DNS in support ofthis function. The web services interface may have interfaces (e.g.,APIs) to the gateway appliance, the authentication server functionalityof the support network, DNS, service managers functionality of thesupport network, NWM.

A gateway appliance may utilize the web services interface to pull dataor information from the support network, while the support network mayutilize the signaling control channel to push data such as variousnotification data to the gateway appliances.

Appliance Registration and Service Subscription

In one embodiment, the support network may further include provisioningmanager functionality, which may handle gateway appliance registrationand subscription activation. FIG. 6C depicts conceptually the process ofsubscriber provisioning in one embodiment provisioning managerfunctionality 74 may interface to 3^(rd) party order entry orprovisioning system 160 that is enabled to accept purchase orders forgateway appliances and services provided therein. In another aspect, theprovisioning manager may interface with a user interface provided in thesupport network for entering and accepting such orders. Thus, forexample, gateway appliance registration or subscriber provisioning mayoccur through an internal customer service representative user interfaceapplication, or a customer/subscriber self-provisioning web application,or through a partner service provider application interface. Otherregistration methods are possible and they are not limited to thoselisted methods. For instance, the first time registration may occurduring power-up and initialization stage as explained above, or anyother way.

In each instance, the subscriber information may be input via theprovisioning server 74 or the like functionality. As will be describedin more detail, provisioning input may include attributes such as thegateway appliance identification information, user information, andservice plan information. In one embodiment, the provisioning input dataincluding subscriber provisioning action/data may be classified asaccounting/business and operational data and may persist in theprovisioning manager 74 as shown at 162. This may be an optional step,for example, where partner service providers have their own existingsystems.

Examples of subscriber information include, but are not limited to thefollowing. In addition, not all information is required as subscriberinformation. Examples are subscriber name, address, billing information,email, phone, social security number (SSN), etc.; gateway appliance ID,e.g., MAC address, FQDN such as e.g. johnsmith@rosservice.com. This datamay be generated and may have different domain base depending on theprovider. This ID may be called the JID (jabber ID) or BID (Box ID) orFamily ID; a subscriber unique ID (Internal Generated Number); anassigned gateway appliance serial number (the serial number may be anexternal identifier of the gateway appliance); a gateway appliance modelnumber (e.g., to link the software, configuration to the model); a useraccess password (this may be different from the gateway appliance accesskey which is operational system generated); a user service/gatewayappliance binding identifier (this may be generated by the system andmailed to user); a locale/region identifier; a list of the subscribedservices, e.g., voice, video, remote access, backup; a list of servicespecific features, e.g., voice—call forwarding allowed, voice feature 2,etc.; a list of service specific user details, e.g., voice—DN, etc.; andBackup—Max GB, Max Bandwidth, etc.

In a further step, as shown at 163 in FIG. 6C, the added gatewayappliance and/or user, e.g., new subscriber is added to theauthentication server functionality 71. Thus, for example, theauthentication server functionality may maintain the followingsubscriber information/data for authenticating users and their gatewayappliance devices 10: the JID/BID; the gateway appliance's serialnumber; a user access password; a user service/gateway appliance bindingidentifier; the subscriber active/disable status; the gateway appliancehardware ID; a subscriber/hardware binding: BOOL; a Web interface accesskey; and associated Web interface access key validity time.

In a further step, as shown at step 164, FIG. 6C, the added gatewayappliance and/or user, e.g., new subscriber is added to the subscriptionmanager (server or functionality or the like) 73. Thus, the subscriptionmanager, for example, may maintain the following subscriberinformation/data for providing subscription information to gatewayappliance devices 10: the model number, the JID/BID or the like to beable to create and distribute the right package of meta information andto identify the firmware ID, configuration and configuration data to thegateway appliance. Additional exemplary data made available at thesubscription manager 73 may include, but not limited to: user ID;gateway appliance serial number; the gateway appliance model; thesubscriber locale; current gateway appliance firmware version; and alist of services and enabled features, for example:

Service 1 Enable / Disable Feature 1 Enable / Disable .... Feature NEnable / Disable Current Configuration Version Service 2 Enable /Disable Feature 1 Enable / Disable .... Feature N Enable / DisableCurrent Configuration Version .... Service N ....

In a further step, as shown at step 165 in FIG. 6C, the added gatewayappliance and/or user, e.g., new subscriber is added to one or moreservice manager (servers or devices or functionality or the like) 75.Service data maintained at the service manager 75 may include, but isnot limited to: configuration files, e.g., voice: dial plans; parentalcontrol: black lists, etc. This data may be in a database or versionedfiles stored on disk. Optionally, the following subscriber data may bemaintained at the service manager 75: the appliance's JID/BID; theprovisioned subscriber data for each service (e.g., a list comprisingData 1, Data 2, etc.); and the generated subscriber data for eachservice (e.g., a list comprising Data 1, Data 2, etc.). It is understoodthat some services are basic services and some services may not havesubscriber data at all. Thus, as an example, if implementingprovisioning of Backup Services, the support network 50 may generate thefollowing account on behalf of the subscriber: Backup Acct ID, KEY. Theprovisioned subscriber data and generated data are communicated to thegateway appliance.

In a further step, as shown at step 166 a in FIG. 6C, the added gatewayappliance and/or user, e.g., new subscriber, is added to a SIP directoryserver or like functionality 66 and additionally, to the Session BorderController device 93 a or like functionality, as shown at step 166 b.For example, the SIP directory server 66 may be provisioned with datasuch as the SIP user identifier (e.g. www.gw10.ros.com); associatedgateway DN numbers; and any other data as may be required by the SBC,e.g. realm data or location data for the endpoint device. Additionalservice data that may be provisioned may include: OFFNET/ONNET DNnumbers; and other SIP Service specific data.

In a further step, as shown at step 167 in FIG. 6C, the added gatewayappliance and/or user, e.g., new subscriber is added to thepublication/subscription (Pub/Sub) server or like functionality 65. Thenew subscriber information maintained at the pub/sub may include thesubscriber for gateway appliance firmware update events and for serviceconfiguration/locale events, e.g., U.S. dial plans, parental controls,etc. The pub/sub may maintain various event channels and the content forevent channels (i.e., events per channel) and subscribed users for theevent channels (i.e., users for channel).

In a further step, as shown at step 168 in FIG. 6C, the added gatewayappliance and/or user, e.g., new subscriber is added to the billingsub-system server 58 or like functionality. The new subscriberinformation maintained at the billing sub-system server may include, butnot limited to: the subscriber name; address; billing information;email; phone; SSN; user ID, e.g. johnsmith@rosservice.com; a subscriberunique ID (Internal Generated Number); an assigned gateway applianceserial number (the serial number may be an external identifier of thegateway appliance); a locale/region identifier; and a list of thesubscribed services.

In a further step, as shown at step 169 in FIG. 6C, the added gatewayappliance and/or user, e.g., new subscriber is added to the Alarms,Diagnostics, and Network Management server or like functionality andalarm aggregator sub-system. The new subscriber information maintainedat the alarms, diagnostics, and network management server may include:alarms; user identifier and other data required for alarms managementsystem; and diagnostics.

Thus, the provisioning functionality or the like 74 generally providesprovisioning services to all SC network elements. The provisioningservers 74 may send and receive provisioning information via a gatewayinterface (e.g., APIs) to and from 3^(rd) party provides such aswholesale VoIP and backup service providers. The provisioning serversmay also send and receive to the branding customer service provider (aka“North Bound” interfaces). The provisioning server may provide agraphical user interface for service provider users and customer usersto order, initialize, and provision services. The provisioning serverfurther may distribute the order or provisioning information to thefollowing functional elements: subscription manager, authenticationservers; service manager(s); SIP directory server; pub/sub servers;VOD(s); CA's; billing system; firmware update manager; location server;the NWM; SBC's; content provider(s); and wholesale providers via thegateway interfaces (APIs).

While the provisioning service or functionality was described withrespect to registering new gateway appliances or subscribers,functionality for provisioning new services for existing users orgateway appliances may be provided in the similar manner, for example,by the provisioning server 74 or like functionality.

Automatic Discovery and Configuration of Endpoint Devices

A customer or user self-provisions endpoint device is on a particularmulti-services gateway appliance. The provisioning system or likefunctionality 74 may provision how many endpoints and the types ofdevices that can be self-provisioned by the user. In one embodiment, thegateway appliances are capable of automatically discovering andconfiguring the appliance compatible devices belonging to enabledservices in the premise such as the home or business, for instance, withminimal human intervention (e.g., for security purposes some devices mayneed administrator level prompting to proceed with configurationactions). For instance, the appliance compatible devices are devicesthat the appliance can communicate with and thus become the center ofmanagement for the services offered by these devices. One or more ofthese devices may have automatic configuration capabilities such asuniversal plug and play (e.g., uPNP devices). These devices alsoreferred to as endpoint devices may include but are not limited to:media adaptors, SIP phones, home automation controllers, adaptors thatconvert IP interfaces to PSTN FXO, and FXS interfaces, etc. In oneembodiment, the method of configuration, e.g., automatic discovery andconfiguration may be based on the specific device's current firmware orsoftware or like version. The appliance in one embodiment also may keepa record or table of configuration information, for example, for thosedevices configured automatically. Such information may include, forexample, for media adaptor, supported formats and bit rates, for homeautomation controller, information pertaining to the type of controllersuch as Insteon, Awave, etc.

As another example, if the phone service is enabled and if the appliancedetects a new SIP/Saporo device, the appliance may prompt a user todetermine if the detected device needs to be configured on theappliance. If it does, then the appliance may configure the detecteddevice on its network (home network or other premise network). Yet asanother example, when new drives are added to the appliance for storageexpansion, the appliance may automate initialization of the new devices.

Subscription Management

The gateway appliance may request information from the support networkfor services that the gateway appliance is subscribing to, for example,during initialization stage as mentioned above or at any other time. Thesupport network in one embodiment contains subscriber and gatewayappliance identification details. Thus, the support network may respondto the request with the subscription information and version numbers forvarious configuration data needed for the services that are subscribed.FIG. 6B illustrates how a gateway appliance 10 establishes a servicesubscription request (service/request check), for instance, via theTCP/TLS/XMPP control channel 150 to the network support center 50. Thisservice/request check may be available to ensure that the multi-servicesgateway appliance is in sync with the network provisioning system as towhat type of services are allowed for the user. This allows finite andreal time control of services allowed by the gateway appliance for auser. The service check may also be useful to keep track of thefirmware/software of the gateway appliance, and to keep the samesoftware base irrespective of the country/region, but have the abilityto load configuration/customization information per user based on localeor other criteria.

As an example, during the multi-services gateway applianceinitialization process, the multi-services gateway appliance queries thesubscription manager, for example, via the control channel, to determinewhat services and features are enabled for the multi-services gatewayappliance. The support network, for example, using its subscriptionmanager functionality 73 responds with the subscription informationassociated with this particular gateway appliance. Examples of data thatsubscription manager functionality 73 may store in one embodiment mayinclude but not limited to JID/BID, gateway appliance model number,services subscribed to, features subscribed to per service, and revisionexception list for each gateway appliance. The multi-services gatewayappliance 10 checks the received subscription information such asversion information against the current versions on the multi-servicesgateway appliance 10. If the multi-services gateway appliance determinesthat the versions are different, it may start initiating download fromthe configuration data through web services interface 90. Preferably,the multi-services gateway appliance's firmware and serviceconfiguration are implicit subscriptions and hence the multi-servicesgateway appliance will receive notifications when new changes areavailable. The changes indicate the version to download and the samelogic of version checking is performed in the multi-services gatewayappliance. The multi-services gateway appliance 10 subsequently enablesthe subscribed services and features.

The subscription manager functionality 73 also informs all requesting SCnetwork elements what services and features are enabled on a particularnetwork element. The subscription manager functionality 73 alsodetermines what service specific configuration data needs to bedownloaded to the requesting multi-services gateway appliance. In anexemplary embodiment, the subscription manager functionality 73determines the data needed by interacting with service managerfunctionality 75, which stores and distributes specific configurationdata for services. The subscription manager functionality 73 mayinterface to the multi-services gateway appliances (e.g., indirectly)and the following functionalities of the support network: messagerouters and session manager(s), the accessibility server, the serviceaccess test mangers, the provisioning server, the NWM, VOD's, CAs,pub/sub, service manager server, and billing sub-system. Thesubscription manager functionality 73 may additionally support someinternetworking to other service providers via the gateway interfaces.

In one embodiment, the support network includes service managerfunctionality for each specific service. The service managerfunctionality 75 may store and distribute service specific configurationdata for each supported service on a per multi-services gatewayappliance basis. Thus, service manager functionality 75 may includeservice specific configuration managers for voice, back-up, or any otherservice that are provided. Examples of this configuration data include,but not limited to, VoIP configuration data such as location-relateddial plan information and content/media configuration data such as URLlinks, etc. The service manager functionality or servers 75 work withsubscription manager functionality 73 to resolve multi-services gatewayappliance version requests and ensure that the multi-services gatewayappliances 10 have the correct version of configuration data. In oneembodiment, there is a service manager for each supported service. Inaddition, there may be a service manager or like functionality forstoring and distributing baseline multi-services gateway applianceconfiguration data. Subscriber data per service may exist inside theservice manager and also, stored directly in the service component,e.g., SIP Redirect/SBC device. The service managers 75 or the likefunctionality or servers or devices may interact with the subscriptionmanager 73, provisioning, NWM, web services interface 90, pub/sub,message routers, and multi-services gateway appliance. Additionally,3^(rd) party wholesale providers, such as a backup service, mayinterface to the service managers via a gateway interface or an API.

In an exemplary application for gateway appliance services, data isbrought down to the gateway appliance to enable it to provide variousservices. Configuration data is provided to the gateway appliance fromthe support network. For instance, subscription manager functionality ofthe support network, for example, as part of initialization process,queries the service managers functionality to obtain configuration datathat can be sent to the gateway appliance and which versions fromconfiguration perspective to report back to the appliance. Suchconfiguration data may include a web service interface URL of theservice manager for where the gateway should communicate. Thesubscription manager functionality then sends the metadata of theconfiguration data, that is, information associated with theconfiguration data back to the gateway appliance. The gateway appliancethen may update its configuration if needed by accessing the servicemanager functionality, for example, via the web services interface, andretrieving the needed data. In another embodiment, the support network(e.g., service manager functionality) may push the needed data to thegateway appliance via the signaling control channel. For each service,the support network provides configuration data to the appliance (e.g.,via service manager functionality) and posts a notification if newconfiguration data is required. When the user invokes the service, thegateway appliance will thus know all that it needs to invoke theservice. For instance, data that the gateway appliance needs may beobtained from the service manager functionality. Login information andkeys may be obtained from authentication server for a particularservice, e.g., for service keys.

Pub/Sub and Updates

As previously mentioned in view of FIG. 4, the publisher/subscribe(pub/sub) server or like functionality 65 accepts and maintainssubscription requests for appliance upgrades and device upgrades fromnetworked services support elements, and particularly, from everygateway appliance 10 in the system. Networked elements communicate withthe pub/sub system or like functionality and publish information thatother elements may have subscribed to. The pub/sub matching enginematches the published information with users (typically gatewayappliances) that have subscribed for notices of new specificinformation. If the pub/sub matches a “pub” with a “sub”, a notificationmessage is sent, for example, via XMPP protocol or like peer andpresence messaging protocol on the signaling control channel, to thesubscribing user, notifying them of the new information.

FIG. 6D highlights how the gateway appliance and the service centernetwork elements utilize the signaling control channel and thepublisher/subscribe (pub/sub) function to subscribe for notification ofcertain events and publish notification of these events in oneembodiment. In this high-level example, the gateway appliance subscribesfor firmware or software updates for the gateway appliance or endpointdevices that it connects, and is subsequently notified when such anevent occurs. It is understood that the pub/sub system providessubscription and publication matching and notification services for boththe gateway appliances and the networked service center elements orfunctionalities. Thus, the logical pub/sub device may have interfaces toall elements that use this mechanism to communicate with each otherincluding, for example, firmware update manager, RMR, provisioningserver, authentication server, service manager, subscription managerfunctionalities, and the gateway appliances.

In an example scenario depicted in FIG. 6D, the updater component orfunctionality with knowledge of updates to gateway firmware or softwareor the like, endpoint device firmware or software or the like, orservice configuration files or the like, may publish the updateinformation to the pub/sub server or like functionality 65, for example,as shown by the route 173. The updater component 51 may receive amessage or notification at 171 that updates are available from othersources. Additionally, various service managers (or like functionality)75 that handle specific services and associated configurationinformation and data may publish information in the pub/sub that updatesare available for those services. Thus, in one embodiment, updatemanager functionality 51 may publish information on pub/sub 65 as to theavailability updates for gateway appliance and endpoint devices.Similarly, specific service managers or like functionality 75 maypublish information on pub/sub 65 as to the availability of updates forthe respective specific services.

In one embodiment, the update notice published by the updater, servicemanagers, and/or firmware manager may include, but is not limited to,new configuration version information for latest firmware or softwarefor the specific service or devices. A matching engine functionality ofthe pub/sub server 65 determines which gateway appliances are subscribedto receive these updates, and generates a notification message 175 thatupdates are available for receipt at the gateway appliance 10, forexample, via IM-like messaging (or any other presence and peeringprotocol) over the public Internet.

FIG. 6E shows at step 260 the gateway appliance receipt of a notifymessage indicating the published firmware or configuration update eitherfor itself or a digital endpoint device. At step 262, the gatewayappliance makes a comparison against the current firmware version anddetermines if the update is needed. If the update is needed, theappliance initiates a pull operation to retrieve the firmware update,for example, over a secure HTTPs connection at step 265 and may start orschedule application of the firmware updates at step 267. In oneembodiment, a descriptor package helps the gateway appliance interpretthe command to obtain the software update, e.g., at a certain locationin the networked service center. In an orderly and secure manner, e.g.,via HTTPS protocol, each of the subscribing devices may seek out wherein the network the published software update resides and onceauthenticated, via authentication server or like functionality, it willretrieve the software. Referring to FIG. 6D, from the support networkperspective, a request is received from each of the gateway appliances,for example, via a web services interface 90, to pull the new firmwareversion. In one embodiment, this may take place according to a scheduleor priority basis. Then, an authentication process is performed, forexample, via authentication server or like functionality 71, and oncethe appliance is verified, the available firmware update may be pulledfrom the updater functionality 51 (or from individual service managersor firmware update manager or like), and forward to the appliance asshown at 177.

As mentioned above, consumers may subscribe for updates to digitalendpoint devices connected to the gateway appliance as well in oneembodiment. For example, a user has a certain type of phone and, ifthere is an update, the pub/sub notification feature or functionalitywill notify the gateway appliance of the updates available for thatphone type. Thus, all of the gateway appliances that have that phonewill be informed with service upgrades. In one embodiment, matchingengine functionality notifies all the update information concerningoperation of the phone device to the subscribers, e.g., like RSS feedsand/or notifies the matching gateway appliance (that is, the gatewayappliance determined as having this phone as one of its endpointdevices) of updates, for example, via signal control channel (e.g.,using XMPP), for example, when news or updates are received for thisparticular phone. The matching engine determines all of the subscribersthat are subscribed for that service and will put out updatenotification to the appliances.

Thus, service managers and/or firmware update manager publishes updateinformation availability to the pub/sub functionality, the gatewayappliances subscribe to desired updates, for example, by registering thecurrent versions of its firmware and software to the pub/subfunctionality, and the matching engine functionality of the pub/submatches the published data with subscribing appliances and sendsnotification to each subscribing appliance.

A pub/sub server may calculate the notification rate for providing thefirmware update and sends the information back to the control messagerouter which forwards the firmware upgrade information to the appliancein the form of a data structure, for example, including but not limitedto IQSet (a type of XMPP message), upgradeDetails (details for upgrade),downloadTime (time it takes to download the upgrade), and timeToUpgrade(time it takes to install upgrade at the appliance). The firmwareupdates are then downloaded from the firmware download server via, e.g.,HTTPS connection, to the appliance. Optionally, a package downloadstatus message may be sent to the component or functionality (e.g., FUM)from which the upgrades were downloaded shown at 344. Further, afterinstalling the upgrade at the appliance or the endpoint device, packageinstall status message may be sent to the FUM or like functionality tonotify the status of the latest upgrade installation. The gatewayappliance may be reregistered or restarted and the patch installationverified. The appliance may also generate a notification 347 that thefirmware upgrade patch has been completed which notice is forwarded tothe FUM or the like functionality of support network.

It should be understood that a firmware upgrade throttling mechanism maybe provided such that, dependent upon the load status (resourceutilization) as determined by the provisioning firmware download server,the firmware update rate may be modified on the fly.

As described above, one or more gateway appliances communicate with theFUM or like functionality to download compatible software for itself andthe endpoint devices. In one embodiment, the appliance is responsiblefor updating the endpoint devices with the downloaded software. A userof the appliance may have an option that is configurable to have updatesautomatically downloaded when available or be prompted to initiate thedownload. For instance, when a new version of appliance firmware isavailable, the FUM or like functionality notifies the appliance eitherdirectly or via pub/sub. If the user is configured for automation, thenthe appliance would initiate download of the firmware. If the user isconfigured to be prompted, then the appliance notifies the user andwaits for an ok from the user. If the user agrees for the update, thenROS would initiate download of the firmware.

In one embodiment, once the firmware is downloaded the applianceperforms the automated firmware upgrade when indications are clear thatthe upgrade will not be interrupting other functions or servicesprovided in the appliance. For determining compatibility with otherexisting functions or services, the appliance performs a basic set of“acceptance” tests to make sure that the subscribed services are stillfunctional after the firmware upgrade. This may be done, for example,referring to a matrix or table of information regarding compatibility orinteroperability among software, firmware, hardware or like of variousservices, gateway appliance components, and endpoint devices. In oneembodiment, this matrix or table of information is received as part ofconfiguration data from the support network, for example, duringinitialization procedure and during other communication session and maybe maintained in the gateway appliance. In another embodiment, thecompatibility test may be performed before the upgrades are downloaded,thus necessitating only the compatible versions of upgrades to bedownloaded. The appliance in one embodiment has the capability to fallback to a previous release in the event of a software upgrade failure.In one embodiment, as described above, FUM or like functionality keepstrack of the various appliances that it communicates with and thefirmware version on each appliance. In another embodiment, FUM does nothave knowledge of which appliances need which upgrade. Rather, FUMsimply publishes information regarding any updates to the pub/sub serveror like functionality and it is up to the pub/sub server to notify theappropriate gateway appliances.

Similarly, for the end point device a user may have the option toautomate the download or be prompted to initiate the download when anupdate is available in the FUM, for example. For each appliance, the FUMor like functionality may be responsible for tracking the softwareversion status and upgrade availability for the devices that eachappliance communicates with. Thus, in one embodiment, the FUM or likefunctionality may maintain a matrix that may include, but not limited tothe following information: the appliance version; the services enabledon each appliance; currently connected devices on each appliance; thesoftware version currently on each device; and the software versions ofthe end devices that are compatible with the existing appliance version.When a new version of software or firmware for an end device that issupported on an appliance is available on the FUM or like functionality,the FUM may do the following for each ROS: check to see if the newversion is supported on the current version of the appliance firmware;if the new software load and appliance version are compatible, then FUMnotifies the appliance if that end device is supported on the appliance;if the user is configured for automation, then the appliance mayinitiate download of the firmware; if the user is configured to beprompted, then the appliance notifies the user and waits for an ok fromthe user; if the user agrees for the update, then the appliance mayinitiate download of the firmware; and if the appliance chooses todownload the update, then the FUM or like functionality allows theappliance to download the new version. Once the software or firmware orlike is downloaded, appliance may perform the automated firmware upgradeof the end device when indications are clear that it will be not beinterrupting the rest of the functions and services. The appliance mayperform a basic set of “acceptance” tests to make sure that the enddevice is still functional after the firmware upgrade in the similarmanner described above with reference to the appliance firmware upgrade.The appliance also may have the capability to fall back to a previousrelease in the event of an upgrade failure.

In one embodiment, as described above, FUM or like functionality keepstrack of the various appliances that it communicates with and thefirmware version on each appliance and/or its endpoint devices. Inanother embodiment, FUM does not have knowledge of which appliances needwhich upgrade. Rather, FUM simply publishes information regarding anyupdates to the pub/sub server or like functionality and it is up to thepub/sub server to notify the appropriate gateway appliances.

With respect to FUM and specific service managers providing update andconfiguration information to various gateway appliances and/or networkelements, there may be a plurality of ways in which such notificationmay occur. In one embodiment, different methods may depend on differentcategories of configuration and upgrade data organized, for example, inthe individual FUM or service managers or like functionality. Forexample, data may be classified into different categories such that forone class of data there should be notification available to allappliances and/or network elements. For this class of data, FUM orservice managers or like functionality may publish the availableinformation via the pub/sub functionality and allow pub/sub to determinewhich appliances or network elements should be notified and handlesending of notifications. Another class of data may be data that isdirected to a subset of elements, for example, regional data that aredirected to appliances located in certain regions or locales. For thistype of data, pub/sub feature may also be utilized. Yet another class ofdata may be data that is solely for a specific appliance or networkelement. For this type of data, the service mangers or FUM or likefunctionality need not utilize pub/sub feature, rather the data may becommunicated directly to the individual appliance directly, forinstance, using an XMPP control channel, or to the individual networkelement via interfaces.

Accessibility Testing

In one embodiment, the accessibility testing feature determines whetherthe gateway appliances are accessible from a signaling point of view,from the support network. The accessibility tester performs anaccessibility test, for instance, from a public interface utilizingUDP/TCP/HTTPS and sends the results of the accessibility testinformation to the requesting one or more service managers. Theaccessibility tester in one embodiment may test different port numberson the IP address for accessibility. Once the accessibility test issuccessfully performed, the service specific manager updates thelocation server component with the gwid, served, and an “active”indication. The service accessibility response is then forwarded back tothe message router for routing ultimately back to the gateway appliance.

Peer to Peer Accessibility Testing

As described above, in certain environments, the gateway appliances arebehind a firewall making it difficult to communicate with them from asignaling point of view. From a signaling viewpoint, messages shouldcommunicate back and forth between the two gateway appliance devices andultimately to the digital endpoint device in the home, e.g., sharing orposting a digital photo to grandma's TV, requesting transfer of orsharing list of music lists, favorites, songs, over the Internet betweentwo gateway devices. This negotiation may be initiated via a presenceand peering based communication protocol such as an IM-based messagingover the signaling control channel as the network state characteristicsof the appliance are known at the support network. For example, thesupport network may determine whether one appliance is behind a firewallhaving a private IP address making it hard for the other device tosignal back via HTTPS signaling. Appliances have this awareness that itis behind a firewall, for example. Thus, according to one embodiment, amethod of negotiating directly over the control channel to establishpeer-to-peer connectivity, i.e., a peer-to-peer accessibility testingfeature functionality is provided to ensure service accessibility. Thus,in one embodiment, the peer-to-peer accessibility testing featurenegotiates and creates using a control channel, a media path to sharedata between the peers.

In another aspect of peer-to-peer accessibility testing, anaccessibility tester or like functionality may request one gatewaydevice to determine whether it can talk to another gateway device, forexample, for determining whether that another gateway device can receiveinbound services. In operation, the accessibility tester functionalityvia, for example, message routing functionality sends a message to onegateway device to ping or try to access in other ways a second gatewaydevice. The message may, for example, include each gateway device'sidentification information and access details such as IP address andport number. The requested gateway device then pings the second gatewaydevice to determine whether it can reach the second gateway device andsends the results back to the accessibility tester functionality.

Gateway Appliance to Gateway Appliance Communications

Another feature made available in the system and method of the presentdisclosure is communication capability between the appliances. Thisfeature, for example, may be utilized for enabling secure peer-to-peersharing of data between or among the gateway appliances. FIG. 6F is anarchitectural diagram that illustrates an overview for communicating orsharing between the appliances. In one embodiment, signaling informationis communicated via the signaling control channel, for instance, usingXMPP, and then the gateway appliances 10, 10 _(n) negotiate thesubsequent transfer of media or data path. In one embodiment, this mediaor data need not travel via the signaling control channel. Thus, forexample, HTTPS path may be negotiated between the appliances 10, 10 ₁.

Services

As mentioned, FIG. 2A describes the high level service framework uponwhich are built services 130, e.g., downloaded via the support networkas packages that are developed and offered by a service entity forcustomers. These services may be offered as a part of a default servicepackage provisioned and configured at the gateway, or provisioned andconfigured subject to user subscription and may be added at any time asplug-in service modules in cooperation with the service center. It isunderstood, however, that while the gateway appliance includes much ofthe intelligence or service logic for providing various services, it isalso possible that for some services, some or all of service logic mayreside in the support network and/or with a third party provider.

Backup and Storage Services

The gateway appliance interoperating with the network support mayfurther provide data backup and restore services. For instance, thegateway appliance may include a user interface and application or likefunctionality for allowing users to select files, for example, stored onuser's PC, on the gateway appliance or other endpoint devices for thebackup and restore services. The term “file” as used hereincomprehensibly refers to files, folders, directories, any data in anyformat, for example, media, ascii, etc. The gateway appliance mayencrypt and compress, and transfer the files to a backup storage. In oneembodiment, the backup storage is a storage provided by a remote thirdparty backup service data center. In this embodiment, data is backed upto and restored from the backup service data center, for instance, viainteroperating with the support network, which, for example, interfacesto the remote third party backup service data center. In anotherembodiment, this backup storage may be at the gateway appliance itself,for instance, on the non-user accessible region of the gateway appliancestorage that is only accessible by the services support network. Yet inanother embodiment, files may be distributedly backed-up on the non-useraccessible region of other gateway appliances, for example, which mayreside at other premises (it should be understood that one premise mayhave more than one gateway appliances). For instance, a file may bedivided into multiple parts and each part may be backed up on differentgateway appliances. Further, one or more parts may be backed upredundantly, that is, on multiple gateway appliances. Combinations ofany of the above-described embodiments may be utilized for backup andrestore services. In one embodiment, a user may provision and subscribeto the type of backup services desired with the provisioning and/orsubscription service as described above.

Two-stage File Back-up

In one embodiment, the gateway appliance and support system architectureprovides a file management feature generally including functionalitythat enables a user to back-up files or content to a virtual memorystorage area provided in the gateway appliance, and then subsequentlyforward the backed-up files to an external wholesale service providerproviding the backup service. Thus, gateway storage device provides theprotected storage for user files and user content at its side of thedemarcation point in a two-stage storage process: 1) storing the contentacross the virtual demarcation point (partition); and then encryptingthe content; and 2) dispersing the stored content to other gatewayappliances, or at another storage location provided by the servicecenter or by a partnered 3^(rd) party back-up storage service provider.This could be performed automatically or on a scheduled basis. Thegateway appliance knows where the pieces will be stored based on theservice configuration and subscription. The locations of appliances thatmay back up content pieces are known at the network level, e.g.,hardware IDs of each of the gateways are known based on the uniqueidentity of the appliance, and the mappings of the IP addresses thatchange dynamically of the appliances are known at the location serversso the location of backed-up content for a user is always known.

It is understood that, in connection with the implementation of back-upservices provided by partnered third party providers, for example, thegateway appliance is configured to communicate with the back-up fileservice provider via the web interface and thus requires the URL of theservice provider for where the gateway should communicate. Configurationdata is provided to the gateway appliance from the subscription manageras part of initialization process that queries the service providers toobtain configuration data that can be sent back to gateway appliance,and tell which versions from configuration perspective to report back tothe appliance. For back-up services, this may be a version 1 at URL 1 sothe gateway appliance should go to this location or, based on locationof the gateway appliance, may be sent to URL 2. For each service,configuration data is provided to the appliance. This is all based onhandshaked communications. When the user invokes the service, thegateway appliance knows all that it needs to invoke the service.

As controlled by the service center, in an alternate embodiment, theencrypted content to be stored are transmitted to another gatewayappliance's storage locations beyond the respective demarcation pointsfor storage there at the other gateway appliances in a distributed,safe, and redundant manner. That is, each file may be partitioned into aplurality of pieces for further transfer or storage in a redundant andsecure manner, e.g., and transferred to the service control partitionsbehind the demarcation point. These pieces may then be encrypted andsent out externally for further storage, automatically, e.g., at time oflog in, on a scheduled basis, or upon user initiation.

Web Butler

The gateway appliance is provided with a service that functions as aproxy for taking action on a user's behalf and includes the computerreadable instructions, data structures, program modules, softwareagents, and objects that may be integrated with the actual servicepackages as a user feature. This proxy function may be configured toautomatically upload pictures, for example, to a service provider viaservice module located at the device, or taking actions for otherservices on a user's behalf. Via the web butler proxy, implementing asearch or in accordance with a user subscription, content from differentinternet-based media feeds (e.g., free content) may be aggregated andautomatically downloaded to the gateway appliance.

Automated Failure Recording and Recovery and Rules Based NotificationServices:

The gateway appliance is provided with a service that providesmaintenance aspects of the gateway architecture managed at networkservice level. Such a service comprises automated failure recording andrecovery platform management whereby a rules-based engine will beautomatically notified and queried to implement a fix upon the detectionof a system or service failure. The rules-based engine comprises a fixin the form of a process that may be performed at the service frameworkand/or platform management levels for each type of service failure. Moreparticularly, the rules based engine is provided as part of the servicemanagement feature through the platform management heartbeat connectionswith processing threads. Upon detection of a failure or alarm by theplatform manager component, the rules based engine will be requested andrequest what actions to perform, e.g., a sequence of rules that woulddirect functionality to go to network and get new firmware upgrade, forexample, or go back to previous firmware version or configuration basedon the rule specified to render the service operational. This willenable a service to be always available with service failuresautomatically addressed without having to restart platform.Additionally, notifications are sent to the service provider whenfailures occur at the appliance.

File Sharing Services

File sharing service of the present disclosure in an exemplaryembodiment allows users to share files, for example, pictures, music,videos, documents, presentations, grocery list, bookmarks, etc., withfriends and family members or other users. The files can be shared withuser's “buddy list” or other contacts maintained at the gatewayappliance at a premise such as the home. Once users are authenticated,the gateway appliances may communicate with each other, for instance,using the mediated or negotiated media or data path between each.Gateway appliance may also track functionalities that the user isenabled to do, e.g., send photos at a digital picture frame to a buddyor other gateway appliance of a member of a community of interest, e.g.,a family or friend, or share a picture for display on a television of abuddy.

In one embodiment, presence and peering messaging protocols such asIM-based protocols may be used for sharing, and may interact from aprotocol perspective, to push to a subordinate device at another gatewayappliance, e.g., a digital endpoint such as a television or digitalpicture frame. To accomplish this, a negotiation is made to determinewho transfers what to which device based on the stored rosters, anddetermine a signal path to accomplish the transfer accepting files forusers in the home, and a process for acceptance of files for aparticular user at the home, e.g., specific files may be accepted forsome user devices to the exclusion of other devices, e.g., belonging toa teenager or minor.

In this manner, for example, a file sharing (e.g., pictures, documents),movie list sharing, music playlist sharing, application sharing, andvideo cam sharing, all can be a managed by the community or network ofgateway appliances that are designated as buddies. The gatewayappliance, in one embodiment, maintains directories of access andsharing and which services are involved to access and transfer content.

In addition to sharing data and files with different gateway appliancesand endpoint devices connected thereto, data and files can be sharedamong the endpoint devices connected to the common or same gatewayappliance. Thus, for example, a photo stored on a PC can be transmittedto a digital picture frame on the same gateway appliance network, emailsreceived via the PC can be displayed on the television connected to thenetwork, etc.

Additional examples of functionalities associated with file sharing on agateway appliance may include, but is not limited to: allowing a user totag or add comments, descriptions to the files for sharing, allowingfriends and family or the like viewing the shared file to leave theircomments, providing scratchpad function to share, allowing users toshare widgets, RSS feeds, and tabs on their personal page with familyand friends or the like, allowing users to create slideshow with mediaand share it with family and friends or the like.

File sharing functionalities may be performed manually,semi-automatically or automatically. For example, in addition toallowing users to select files and one or more user or user groups forsharing, there may be provided a personal page access or the like,which, for example, may present the user with predefined parameters forsharing such as files or folders designated previously for sharing, anda list of contacts preset for sharing. The list of contacts may havebeen imported from other applications such as email or IM buddy listsand/or entered manually. Thus, with a set of predefined parameters inplace, file sharing may be invoked with minimum user interaction, forinstance, as one-click function. In another aspect, file sharingfunctionality may be setup such that, for example, when a change or newfile is detected, the file sharing is invoked automatically. Forexample, a file or folder may be designated as an automatic share fileor folder, and if any change in the data of that file or folder isdetected, file sharing is initiated automatically.

In a further aspect of the invention related to file-sharing, thegateway appliance and support system architecture provides a hostedservice-virtual space on the centralized disk storage at the gateway forusers. Dedicated areas of user storage may be designated as shareableincluding application level sharing for any application that has data.As shown in FIG. 3A, this virtual storage area 159 may be combined fromits internal hard disc storage with any network attached storage devicelocated at the network to create a single virtual file system thatconsumers can use like a single drive.

Through the roster or buddy list enabled by the peer and presencemessaging protocols implemented over TCP, the users may dynamicallyshare in a virtual space via their PC or other endpoint devicesconnected with the gateway. Any type of data may be shared includinguser generated data such as, but not limited to: files, photos,slide-shows, video and audio files, .mp3 playlists, web-links orbookmarks, or any information (e.g., web-blogs, comments, discussionforums, personal information, and to-do lists) via secure gateway togateway communications. Thus, for example, via the gateway, buddiescould configure RSS feeds to their personal page on this share space.The shared file is at virtual, programmatical area in application levelspace at the gateway. This data or file or information to be shared maybe designated by the user and tagged, via an endpoint device userinterface, to indicate the data or file to be automatically stored atthe virtual file location for that user or information as sharedcontent. The shared content communicated may have associated privilegesdepending upon the recipient, e.g., content is delivered withpermissions given, e.g., read-only permission, or an update permission,e.g., to invite comments for sharing or discussion among buddies, at thevirtual level. Thus, the invention provides for community sharing with abuilt in management structure that enforces service subscriptions forsuch service.

Coupled with permissions functionality whereby connected users may havepermission sets associated with them, a dynamic virtual space sharingenvironment is provided where select users can be notified of certainevents on a scheduled basis, for example. Permissions are enforcedlocally on a buddy by buddy basis, e.g., privilege granted to addcomments via the messaging infrastructure. The gateway provides agranular privileged support, e.g., read, write only, update privileges,etc., and the notification may be via telephone, IM, e-mail program,etc.

Via the file-sharing interface provided by the gateway, buddies could“subscribe” for changes to such shared spaces. When there are changes oradditions to the subscribed share space, the buddies will getnotifications through email or IM or through their personal web page.Thus, if granted the privileged, via the peer and presencecommunications protocol implemented, a notification may generated thatis packet transferred to the buddy's gateway device via TCP forindicating to a user that shared data is available. For example, that ashared space session is being initiated by a buddy, e.g., for purpose ofsharing an application, or adding comments.

Other functionalities include, but are not limited to: viewing a to-dolist on TV, or providing scratch pad capabilities; and sending a signalfrom the gateway appliance to generate for display at the TV device theto-list or any user generated data, via messaging infrastructure,provision of a single click-share service. This is especially applicablefor VPN closed user groups environments via a VPN providing a virtualclosed network environment within which users (buddies, friends, family)may interact, e.g., share a common interface to enable real-time videogaming.

As mentioned, file sharing may occur between and among different digitalendpoint devices, among different gateway appliances, and amongdifferent digital endpoint devices associated with one gateway applianceand various endpoint devices associated with another gateway appliance,etc. For instance, a user may send a photograph (or any other file ormedia) from a mobile phone (or other digital endpoint devices) to agateway appliance. The gateway appliance may forward that photograph toanother digital endpoint device connected to the same gateway appliance.The gateway appliance may forward that photograph to another gatewayappliance, which in turn may forward the photograph to an endpointdigital device associated with that other gateway appliance, forinstance, another mobile phone, a digital picture frame, a PC, etc. Asdigital endpoint devices may include WIFI or other wirelessly enableddigital cameras, sharing of files from those wirelessly enabled digitalcameras may occur in a similar manlier.

Remote Web Access

Remote web access feature in an exemplary embodiment allows a securemechanism to connect to and access the gateway appliances from anywherethrough the web. A public web proxy/redirect servers or likefunctionality of the present disclosure in one embodiment provide HTTPredirection and proxy services for public web access to the gatewayappliances. In one embodiment, for the gateway appliances that residebehind external firewalls, VPN accessibility is provided. In oneembodiment, a user may access a web page provided by the webproxy/redirect servers. The user is prompted to enter information suchas user identifier (ID) and password. Steps are initiated to enableestablishment of a path or channel via which the information may besafely exchanged that enable a secure communications session to beestablished between the remote web browser and the gateway appliance.For example, the web proxy/redirect server encrypts the user information(e.g., ID and password) and transmits the encrypted information over thealways-on control channel described above to the target gatewayappliance, that is, the gateway appliance the user is attempting toaccess via the remote web. The gateway appliance then authenticates theuser ID and password, that is, determines whether the user ID andpassword are valid for accessing the gateway appliance. If the user IDand password are valid, the gateway appliance communicates to the webproxy/redirect server that the user can access the gateway appliance.The web proxy/redirect server in turn provides the IP address for thegateway appliance to the user for directly connecting to the gatewayappliance, for instance, via secure HTTP or HTTPS connection. In oneembodiment, all service decisions with respect to further communicationsare decided at the home appliance. Thus, a user may remotely order amovie and have it downloaded to the user at his/her gateway appliance orremotely control home automation devices for controlling various devicesat a premise.

IM Server

As mentioned, the gateway appliance is the central communicationplatform that interoperates with multiple devices in the home to form ahome networking environment. In the context of home automation, thegateway appliance 10 is additionally provisioned with a home automationcontroller device that communicates with the IM server function tofacilitate home network management, including: a home automationcontroller that interfaces with a TV/Web interface that interfaces withthe digital media adaptor component and a device driver (e.g., USB) thatinterfaces with the home automation network (e.g., Zigbee network) via ahome automation control node that is responsible for communicating withthe “smart” devices designed for home automation. The digital mediaadaptor component further communicates with the TV device at thepremises, and the TV/Web interface further interfaces with the computingdevice, e.g., PC at the premises. Further, the IM server functionalityinterfaces with an IM client that is either local (at the premises) orremote and may include a SIP phone or a PC.

In the context of home automation services, the appliance supportsmultiple types of home automation controllers and multiple protocolstandards including a variety of non-IP protocol standards and vendorspecific proprietary protocols such as Insteon, Zwave etc. This enablesthe user to integrate multiple vendor devices in the home. It is furtherunderstood that the controller device itself may support more than oneautomation protocol such as Insteon or (legacy) x10 devices and theseprotocols will be transported via RF or electrical path. The gatewayappliance only communicates with controllers via vendor specificprotocols.

Gateway appliances are able to communicate with each other to shareinformation through this IM server functionality provided at theappliance. All the messages and commands are communicated through asecure network connection.

Appliance GUI

For ease of operation, the appliance provides a GUI interface thatsupports functional test, diagnostics, and control capabilities foritself and for the other home network devices that it communicates with.The test and diagnostics include logs, statistics, and alarms (alerts)for use by service support centers and users. The control capabilitiesinclude automated configuration and management. To this end, users ofgateway appliances 10, . . . , 10 _(n) accesses the web/internet via apersonal computer/computing device, mobile or laptop computer, personaldigital assistant, or like device implementing web-browserfunctionality, e.g., Firefox 1.5 and Internet Explorer® 6.0 or later, orother browsing technology that may be compatible. In an exemplaryembodiment, the browser interface employs the latest user interactiontechniques, e.g., Web 2.0, and implements web development technologiessuch as AJAX (Asynchronous JavaScript and XML).

With respect to accessing the gateway appliance and services via a webinterface, users will log-in to a home page screen (not shown) via aweb-based communication by entering a username and a password. Uponsubmitting this login information, both the username and password willbe validated. If either the username or password is invalid, then anappropriate error message is displayed explaining the nature of theerror. If the login is successful and the gateway appliance has alreadybeen initialized, a user's personal page will be loaded by default whichpage is user is configurable. A tooltip functionality is provided formore details about the status. If the status is red, the user can selectthe status indicator to get a diagnostic screen with a network map (notshown). This screen will display the current status of all devicesmanaged by the gateway appliance and includes a button to allow the userto test the current status. A top bar is also used to indicate theprogress status of any backup jobs currently running. A tooltip isprovided to indicate the schedule name and the progress percentage. Thetop bar is also used to indicate the space usage of the user. A tooltipis provided to indicate the percentage of the space used by the user ofthe allocated space configured by the administrator user. There is alabel provided that displays the current user information (e.g.,administrator), and next to the label is a link to logout of the homecenter. When the user clicks on the logout link, the users' web sessionwill be invalidated and the login page will be displayed. A further linkis provided to change the user preferences. For example, when the userclicks on the “Preferences” link, a dialog box will be displayed thatwill allow the user to change the user preferences settings such ascolor, font, and themes.

If the feature represented by the icon is not available, then the iconwill be grayed and a tooltip will be provided to display an explanation.Although not shown, notifications for each feature are displayed as ananimated icon below that feature in the second bar. A tooltip isprovided with more details for each notification. When the user clickson the notification icon, that feature page will be loaded to displaythe detailed notification information.

Home Automation Services

In the home networking environment, the gateway appliance operates asthe management center for managing the various services and devices thatform the home network. One of the services offered by the gatewayappliance is the home automation service. Via a home automation page,the user is enabled to view and manage the home automation devices. Thehome automation service is enabled/disabled by the service center. Whenenabled, the gateway will be able to communicate simultaneously withmultiple home automation vendor controllers installed in the home. Ifthe installed controllers are supported by the gateway, they may beautomatically discovered by the gateway. When being provisioned, thefollowing elements are processed: 1. system configuration; 2. mapbuilder; 3. event builder; 4. scene builder; and 5. group builder.

System Configuration

When the gateway appliance is first introduced in the home network andif the home automation service is enabled by the service provider, thenthe gateway appliance detects and automatically discovers the followingcomponents: all the controllers that are part of the home automationnetwork and whose protocol is supported on the gateway appliance; allthe end devices supported on each of those controllers; and the firmwareversions on each controller and end device. Once the controllers aredetected, the gateway appliance allows the administration user toconfigure the detected controllers. As mentioned herein, once thecontrollers have been detected and configured, the gateway applianceupdates the Firmware Update Manger (FUM) with the controllers and enddevices supported on the home network along with their current firmwareversions. For each gateway appliance on the managed network, the FUMmaintains the knowledge of the controllers and end devices. It is theresponsibility of the FUM to keep track of firmware updates forcontrollers and end devices and inform the gateway appliance when anupgrade is available. The gateway appliance additionally maintains atable of the controllers and supported end devices on each controller.This is later associated with user defined labels used for the GUIdisplay as will be described in greater detail herein.

Map Builder

The map builder component provides the computer readable instructions,data structures, program modules, objects, and other configuration datafor enabling a user to configure the home automation service. In thisprocess, two types of maps are generated: a general map and a detailedmap. The general map allows the user, during configuration, to label enddevices, i.e. “stairway lamp”, “joe's dimmer desk lamp”, “downstairsHVAC unit”, etc. The user selects or designates a specific device andcan turn it on, off or change it to a specific setting (for example, setthe “joe's dimmer desk lamp” to 50% power, set the thermostat of the“downstairs HVAC unit” to 75 degrees). The detailed map extends thecapabilities of the general map by including a floor plan to associatewith the labeled end devices and enables the following: 1) constructinga floor plan of the house; 2) labeling end devices, i.e. “stairwaylamp”, “joe's dimmer desk lamp”, “downstairs HVAC unit” etc.; and 3)associating devices with specific rooms by dragging and dropping iconsin specified locations in the room. The user may also generate anautomation network map of the home and select a specific device and turnit on/off or change it to a specific setting (for example, set the“joe's dimmer desk lamp” to 50% power, set the thermostat of the“downstairs HVAC unit” to 75 degrees). An administrator/user has theability to create two types of maps: home automation network map (termedas “network map”) and the controller map that is used by authorizedpersonnel (service provider/home user) for diagnostics. The network mapincludes the gateway appliance, all the controllers, and all thecontrolled devices in their specific location; and the controllerspecific map (termed as “controller map”) includes the map of eachcontroller and the devices controlled by that controller.

Thus, the gateway appliance supports a map builder process to enable theadmin/user to build the maps. In this process, a user is enabled to: 1)create a floor plan of the house; group each room as part of a sectionsuch as “upstairs”, “downstairs”, “east”, “west”, “basement” etc. If theuser does not want to use the section, the default value can be“downstairs”. Then it shall be possible to label each room with anappropriate name such as “Joes' room”, “living room”, “kitchen”, etc.Hence, the gateway appliance may provide a list of standard labels asgiven below: living room, formal dining, family room, kitchen, breakfastroom, second living room, third living room, foyer, front porch, patio,<username> bedroom (this label could be used multiple times with adifferent username), master bedroom, master bath, hall bath, <username>bath (this label could be used multiple times with a differentusername), media room, and user specified.

Each of the icons representing the controlled devices can be labeledwith a unique user defined label (such as Joe's desk lamp, kitchen lamp,etc.), or comprise standard labels. Each of the controlled devices isadditionally assigned status indicators. The gateway appliance shallprovide pre-defined status indicator templates for each type of enddevice (e.g., if the lamp has a dimmer switch, then that lamp will havea dimmer switch template). Hence, the status indicators are assignedeither automatically (gateway appliance communicates with the controllerand get the status indicators for each end device) or manually (the userwould have to assign the status indicator). Examples of statusindicators include, but are not limited to: on/off for a lamp, dimmersetting on the lamp, temp for A/C/heater unit, etc. The gatewayappliance may provide a set of standard status indicators as well asshown in the table below.

No. Device type Status indicator 1 gateway appliance Packet throughputstatistics (performance (WAN/LAN, AP) statistics) temperature conditionsof the system board(s) disk usage disk frag Process management (to bedisplayed only to the service provider): 1. All processes running on thegateway appliance 2. All configuration 3. Start/stop control of allprocesses running on the ROS IM agent: 1. Each IM user client 2. Statusand statistics for IM-based notification services 2 Automation Status ofeach end point device controller connected to each controller (mapdisplay) 3 PC Connected/Not connected; last time back up was done; lasttime file was shared 4 Phone Last reboot date; Last registration date;operational status 5 Media adaptors File formats supported; Maxthroughput allowed; DRM supported; operational status 6 MOCA Nodeconfiguration; MAC control adaptor/HomePNA parameters; PHY controlparameters; Vendor ID parameters; traffic statistics; operational status(what channel etc)Event Builder

The gateway appliance supports an event builder process to furtherautomate the home by enabling detection of an “event” thatenables/disables the activity of a device. Example events may include,but are not limited to: rain threshold exceeded, an alarm going off, ormotion detected by the motion sensor. For example, a trigger maybe setto turn off the sprinkler system if a “rain level exceeded” eventoccurs. Another example is to record a video snapshot if a motiondetector event is received. When an event enabled through the eventbuilder gets activated, the user is notified. An event trigger is builtas part of the set up procedure. This builder includes events that whendetected will trigger an action, e.g., to automatically enable/disablethe activity of a device such as shown in the Table below:

Trigger events Triggered actions Rain threshold The sprinkler system isdeactivated until the rain exceeded threshold level is not exceededAlarm goes off The alarm is again set for activation to the presetconfiguration until deactivated Motion detected by the Captured on thecamera/Light comes on motion sensorScene Builder

The gateway appliance supports a scene builder process to enable thesetting of “scenes” or scenarios enabling users to control multipledevices simultaneously. For example, the user may have a “sleep time”scene, either scheduled to occur automatically or invoked by the user ata certain time. When the “sleep time” scene is invoked, lights areautomatically turned off, blinds are drawn, thermostats are adjusted,night lights are turned on, etc. Instead of the user manually movingabout the house and making these adjustments, the user schedules thisautomatically in the gateway appliance or the user will simply invokethis scene via a web-based graphical user interface. The scene builderenables a user to: construct, modify, or delete scenarios, schedulescenes to be automatically or manually invoked, obtain a status check oruser control of constructed scenes from all local and remote interfaces,and create user defined scenes. The gateway appliance includes a defaultscene builder for the user to use and modify if needed. One exemplarydefault scene builder is configured as shown in the Table below:

Lighting Device Blinds labels Thermostat Device for the Dim Zone labelsfor Scene rooms Setting number Temp def F. the rooms Raise % NightLiving 50% 1 75 Kitchen 0 scene room blind 1 Lamp1 Kitchen 100% 2 85 MBblind 1 100 lamp 1 3 off

Preferably, the device labels for this default scene builder isconstructed based on the labels that the user has created while buildingthe network map.

Group Builder

The gateway appliance supports a group builder process to enable thegrouping of items together and give it a labeled name. All the devicesin this group will go to the same state. This is in direct contrast tothe “scene builder” where all the devices included in a scene may be setto different levels. If light 1, light 2, and light 3 are in a group,then a single command (e.g., “ON”) executed on the group will cause allthe lights in the group to be in the “ON” state. Alternately, in anothergroup configuration, if light 1, light 2, and light 3 belong to a “nightscene”, then when the night scene is invoked, light 1 could be at lit at50%, light 2 at 20%, and light 3 may be “OFF”. The built group maybecome a part of a scene which can be invoked automatically or manually,or be invoked as a group whereby all the individual components are setto the same final state.

Controller Status Indicators

In order for the user to control the various automation devices, it isimportant that these devices are monitored on a regular basis and theresult of the monitoring is displayed to the user. The status indicatorsof the controlled devices provide a means to monitor the automationdevice. The home automation controllers are capable of tracking thestatus of the devices that it controls through the methodologyimplemented to communication between itself and the devices (e.g., zwave/Insteon protocol). These controllers may communicate with the endpoint devices using multiple protocols. Some of these protocols may havea “closed loop” design, i.e., the devices provide acknowledgement backto the controller so that if the acknowledgement is not received, thecontroller retries the command (e.g., the Insteon protocol). These typesof controllers can send control and simple data between devices (i.e., alight switch turning on multiple lights/devices) within the home. Togive an example of the above mentioned scenario, assuming that thecontroller is controlling an Insteon-based lamp A, the gateway applianceknows (through status indication) that the lamp A is on and communicatesto the controller that lamp A needs to be turned off. The gatewayappliance tells the controller to turn off lamp A; in response, thecontroller (e.g., Insteon based) transmits this signal (RF and/orelectrical) to the physical entity lamp A; when the lamp goes off, thenthe controller gets an ACK/NACK back from the device acknowledging thatthe lamp A was turned off/not turned off (if the end device is an X10protocol-type device then there is no acknowledgement received); thegateway appliance then updates the status indicator of the devicedepending on whether it was an ACK/NACK. Thus, if the ACK/NACK is notreceived within a configurable period of time, then the gatewayappliance reissues the command to the controller and restarts the timer.If there is no ACK/NACK received by the time the timer expires, then thegateway appliance alerts the user.

The gateway appliance polls all the controllers at a configurable timeinterval, e.g., 5 minutes. Alternatively, the gateway appliance mayreceive events from the controllers informing gateway appliance of thestatus of the end devices. Either way, the gateway appliance maintainsthe status of the devices based on the polling/event result. The statusof each device is reflected on the network/controller map. For all X10devices, the status indicates a value of “unknown”.

If a controller was configured by the user as a managed device but thegateway appliance does not receive any communication message from thecontroller, then the status indicator reflects the lack ofcommunication. If an error code is received from the controller, thenthe gateway appliance either translates the error code and displays itin common language or directs the user to a help page where the errorcode is explained. If a controller is able to detect (possibly throughan error code) that a managed end device is not responding to it, thengateway appliance interprets that detection and conveys it to the userby either displaying the error in common language or directing the userto a help page where the error code is explained.

When the gateway appliance receives an indication from the user throughany of the access methods to execute a particular command on a device ora group of devices, the gateway appliance responds by performing thefollowing: it maps the user command to a corresponding message to besent to the controller and then sends the message to the controller; andit waits for the acknowledgement message from the controller for aconfigurable preset period of time. If the message is received withinthe pre-set time period and the message indicates that theactivation/deactivation was a success, then the gateway appliance setsthe status indicator of the corresponding device based on the message.If the message is received within the pre-set time period and themessage indicates that the activation/deactivation was a failure and areason code accompanied the failure indication, then the gatewayappliance maps the reason code to a user friendly message and displaysthe message. If no reason code was indicated in the failure message,then the gateway appliance displays the message “unknown reason”.

In the event that the controller did not get an ACK back from thecontrolled device, the controller may send a NACK message to the gatewayappliance indicating that the device did not respond. When the gatewayappliance receives this message, the gateway appliance displays themessage “device not responding” to the user and does not change thestatus indicator of the corresponding device. If the acknowledgementmessage is not received within the pre-set time period, then the gatewayappliance retransmits the message one time and restarts theacknowledgment timer. If the controller does not send an acknowledgmentmessage the second time before the timer expires, then the gatewayappliance displays the message “acknowledgement not received” to theuser and does not change the status indicator of the correspondingdevice.

The acknowledgement message is received after the acknowledgement timerexpires, the gateway appliance ignores the message.

User Access and Control

The home automation device is accessible remotely or in-home. Each ofthese accesses can be enabled through multiple interfaces as defined inthe following table:

Interface Remote In-home No. Type of interface access access 1 Web X X 2IM X X 3 phone (touchtone, IVR) X X 4 TV X 5 Manual X 6 Remotecontroller (vendor supplied) X 7 A Mobile device X X

The administrator has the ability to enable or disable remote access ofany of the automation entities given in this table. As defined herein,the home automation feature is password protected. The system supportstwo levels of user access, User and Administrator. The administrator isable to perform all operations, including setting privileges for eachuser. The system implements default settings for each new user.

The methods of access and control is individually enabled or disabled bythe administrator. For example, a user may have access to see the statusof the automation device, but not reset the devices. The gatewayappliance supports configuration and provisioning activities via theremote access (through the web) as defined herein. Thus, when a gatewayappliance is powered up in a home, an administrator/user who hasremotely, through the web, logged into the home automation service onthe gateway appliance is capable of configuring the gateway appliance.

Web Access and Control

Via a web-based interface providing access to gateway appliancefunctionality, the gateway appliance generates a map-like view of theautomation devices and their status. Wherever possible, the graphicaluser interface device status provides graphical representation of thecurrent status, i.e. “light on” “light off”, door open, etc. Whenaccessed via the web, the system provides a menu driven method ofcontrol, or a map driven (network map and controller map) method ofcontrol. An administrator/user may be responsible for setting the remoteaccess privileges for all the users. When the control is menu driven,the display consists of: a device name (such as lamp, blinds); a roomlabel on the device (Joe's desk lamp, kitchen blind); a status indicator(lamp dimmed 50%, blinds raised 50%); and an action to be taken. Thefollowing table presents example room labels such as described hereinand the examples of status indicators for each devices:

Device name (including room label) Status indicator Action to be takenBlinds Raised: 0%, 25%, 50%, 75%, 100% Raise what % Lamp On/off Switchon/off or Dim - 25%, 50%; 75%; off Dim what % Door Open/Close Open/CloseGarage door Open/Close Open/Close Window Open/Close Open/Close AlarmMotion sensor - on/off On/off Front door- open/close Open/close Backdoor- open/close Window1- open/close Window2- open/close Window3-open/close Garage door - open/close

Each action entered by the user is recorded temporarily and once theuser has input all the actions and confirmation is received to apply theactions, then the actions are executed. After the actions are executedthe web page is refreshed with the updated status indicator.

Access to the network map of the home automation system may be governedaccording to privileges where users have the ability (privilege to beset by the admin) to view the network map of the home automation systemthrough the web. The status indicator of each device is displayed on thenetwork map. Once the network map is displayed, the user is able tochange the setting on each device. The user does this by clicking on thedevice that he/she wants to set. At this point, a configuration windowis displayed to the user that includes the status indicator parametersthat can be changed by the user. Once the user completes configurationof all the chosen devices to the new setting, an updated view of thenetwork map is displayed to the user without the user having to refreshthe view. The administrator or user is additionally enabled to zoom inon a particular controller on the network map and view in another windowthe controller map which displays each device that the controllercontrols. The status indicator of each device is displayed on thecontroller map.

IM Access and Control

A gateway appliance has the ability to connect to the home automationservice in the gateway appliance device through IM from a PC or anyother IM interface that is supported. Particularly, the gatewayappliance is configured to appear as a buddy in the user's buddy list.The name for the gateway appliance IM buddy client user agent as itappears on the buddy list is configurable.

Once the user clicks on the gateway appliance buddy the following eventsare initiated: the user is entered into an IM “chat” mode; a menu optionwith “home automation” as one of the options is displayed to the user;and when the user chooses the “home automation” the user is prompted fora password. Once the password is authenticated, the user is capable ofasking status, and then changing status and optionally receivingnotifications via IM. An example IM interface dialog is presented to theuser that will display one or more of the following: whether anyunexpected events have occurred in which case the user may be promptedto enter an instruction; request a status check; change a device status;and review an event log. In one example, upon selection of change devicestatus request, the user will be prompted with choices for selecting adevice type, e.g., light switch; garage door; outlet; sprinkler system;or a main menu option. Furthermore, in one example, upon selection of adevice, e.g., a garage door selected, the user will be prompted toselect the actual garage door, e.g., door 1, door 2, and main menu.Thus, the user interaction is text based and menu driven.

TV Interface Access and Control

The TV interface support both menu option and network map options asdescribed herein. The user is able to designate particular events andtheir updates (such as time and temperature) to be continuouslydisplayed on the TV when a media is playing on the TV. The TV interfacedisplays notifications of events as designated, e.g., A/C breakdown;water leak; and motion detected.

Telephone Interface and Control

The user is additionally able to connect to the home automation servicein the gateway appliance device through dialing their home number, e.g.,a 10 digit home number. A sequence of events may be executed in responseto a received call that has been answered, e.g., the call is consideredanswered if the voice mail gets connected. The user may be given theoption to escape out of the voice mail if so configured. The menu optionfor IM with text to speech conversion is available and shall be offeredwhen the home automation choice is selected; the user is prompted for apassword. If the right password is entered, then the user will receive aconfirmation, e.g. an audible tone, to the user that he/she is in thehome automation command interface. The same commands offered in IM withtext to speech conversion are offered for the phone interface.

Once the user connects to the gateway appliance, then the user isconnected to a menu driven IVR type or functionality. The menu presentedis exactly the same as the IM interface as described herein. The homeautomation interface on the gateway appliance is deactivated when thephone goes off hook. The home automation interface on the gatewayappliance is activated even if the voice mail picks up the call.

Mobile Device Interface

The system optionally supports WiFi-IP for interacting with mobiledevices. Thus, a user may access the home automation service through aHTML supported mobile in a manner similar to the web interface asdefined herein. Additionally, the user screen is modified to fit themobile device. For example, the users may optionally connect wireless IPcameras to the gateway appliance system and stream or store IP video andreview this data from a web or TV interface.

Home Automation Services GUI

A home automation page can be generated to display the following for allof the controlled devices: 1) the user defined name for the device,after the devices are automatically detected, the gateway appliance willdefault the name to the type and the user can modify the name by usinginline editing; 2) a status indicator icon or label indicating thecurrent status and possible value of the device; 3) a user defined roomin which the device is located, when the devices are automaticallydetected, the default room will be the empty, however, the user canchange the default room by using inline editing; 4) the manufacturer andtype of device; and 5) any actions that can be done on each device.

A total number of rooms can be displayed and an icon is provided thatenables the user to add a new room to the list. When the user clicks onthe add icon, a new room screen will be displayed. The content arealists the rooms in a table with the following columns: 1) a user definedname for the room, the user can modify the name by using inline editing;2) the floor on which room is located, the user can change the defaultroom by using inline editing; and 3) the actions that can be done oneach room, e.g., delete the room. When the user moves the mouse overeach room in the table, the room plan is displayed inline.

A user may edit an existing room. The content area thus displays thecurrent room name and floor that the user can edit to change.

Integration with the Calendar

When the user sets a schedule on any of the home automation devices, theschedule will be integrated on a calendar application. For example, ifthe user has scheduled housekeeping tasks at specified times, then thecalendar automatically reflects those tasks. In each user's calendar,only the tasks assigned by that user are reflected. Similarly, if theuser has utilized the scene builder to generate a “night scene” that isinitiated at 8 p.m. everyday, then the calendar shows the scheduling ofthe “night scene” everyday at 8 p.m. The user is then able to click onthe scheduled tasks and modify the task. When the tasks are displayed onthe calendar, the user may click on the task and make any changes on thetask. The calendar is updated to reflect the changes. Thus, if the timeof the scheduled task was moved from 8 p.m. to 9 p.m., then the calendarautomatically refreshes to show the new scheduled time.

Alarms, Logs, Statistics and Diagnostics

Referring to FIG. 4, the support services network 50 also may processalarms, logs, and statistics. For example, alarm aggregator 82 of thealarm subsystem may collect alarm statistics from the gatewayappliances, for example, using the signaling control channel, and fromother network elements, preprocess, and screen the collected alarms andpass them to the alarm subsystem for appropriate processing. Alarmaggregators, for example, may request alarm and diagnostic informationfrom selected gateway appliances at predetermined intervals. Alarms mayalso be collected on demand, for instance, when a user requestsdiagnostic information for a selected gateway appliance. Further yet,the gateway appliances may communicate alarms as they occur. The alarmsubsystem 82, 85 may log and provide diagnostic access to all thenetwork elements and utilize the underlying accessibility framework forhard to reach gateway appliances. The alarm subsystem 82, 85 further mayrun diagnostics, configuration control, and provisioning control.

FIG. 6G illustrates an architectural overview of alarms and statisticsaggregator functionality in the support network in one embodiment. In anexemplary embodiment, the alarms and statistics aggregator functionality82 provides a method for monitoring and troubleshooting the gatewayappliances. The aggregator functionality 82 in general may provide acollection point for all alerts and statistical data from the gatewayappliances. These alerts and statistics may be massaged, e.g., filteredor reformatted, and forwarded to a 3^(rd) party network managementsystem 85 for monitoring and managing the gateway appliances. In anotheraspect, the aggregator functionality 82 may serve as a conduit forquerying information from each gateway appliance 10. Informationrequests may be performed through simple networking management protocol(SNMP) that gets initiated by the network management system 85. Alarmsfrom the gateway appliance 10 may travel through the connection manageror like functionality 60, message router or like functionality 62 to theaggregator(s) 82 or like functionality to reach the NMS 85. In oneembodiment, the aggregator(s) 82 receive alarms, logs, and statistics inthe format of XMPP messages. The following depicts an example alarmmessage structure generated by the gateway appliance for communicationto the service center. The alarm message shows a SNMP Trap encapsulatedin XMPP.

 <stream:stream  xmlns=’jabber:client’  id=’c2s_345’  from=’gatewayappliance-unique-number@prodeasystems.com’ to=’alarms@prodeasystems.com’  version=’1.0’> <SNMP Trap> Versionnumber  = SNMPv2     Community name = gateway appliance-Network     PDUtype  = Trap     Request ID  = 1     Error status = 0     Error index  =0     Variable bindings = {Alarm  = rhcCallRoutingFailure        Subsystem = gateway appliance-Voice         Region  = 75080}</SNMP Trap>

In one example embodiment, the SNMP Trap is formatted in XML or likemark-up language. In operation, the aggregator 82 translates messagesfrom the gateway appliance to a SNMPv2c format and then forwards themessages to the NMS 85. Aggregators 82 may also translate SNMP getsqueries from the NMS 85 to XMPP messages for sending to the gatewayappliances. Regardless of the direction of communication, theaggregators 82 translate the message to the appropriate protocol. Othernetwork elements may utilize the aggregator 82 for alerts andstatistical requests. In one embodiment, alarms from any networkelements of the support network may travel directly to the NMS 85without passing through the aggregator 82.

In one embodiment, a mechanism for load balancing and redundancy may beprovided for the alarms and statistics aggregators 82. One mechanism mayinclude performing load balancing across the aggregators 82 through aseparate application or functionality referred to as alarm component.Alarm components may manage connectivity between the message routers 62and the aggregators 82 as well as evenly distribute incoming messagesacross all aggregators 82. The aggregators and components may run in N+1configuration, which may permit an aggregator or component to beunavailable without affecting the collection of alarms and statistics.In addition, there may be aggregators dedicated to translating andpassing SNMP gets for querying information from the gateway appliances.These aggregators may communicate directly with the alarm components toforward the XMPP translation of a SNMP get to a message router 62, whichforwards the XMPP message to the gateway appliances. In one embodiment,the majority of aggregators may be dedicated to routing messages to theNMS 85, while a fewer such as one or two aggregators may handle routingmessages to the gateway appliances.

In another embodiment, connectivity to the message router functionality62 may be integrated directly into the aggregator 82. In thisembodiment, the routing of messages from the gateway appliance 10 to anaggregator 82 may be based on the following: each gateway appliance mayestablish a static connection to a message router 62. Each connectionmanager 60 may have a static connection to a message router 62. Eachaggregator 82 may establish static connections to multiple messagerouters 62, for instance, with no router having more than one aggregatorconnection. Messages from an appliance 10 may then flow through a commonpath to the same aggregator. If an aggregator is unavailable, thenmessages for that aggregator may route to the closest availableaggregator through the message routers 62.

Aggregators or like functionality 82 may themselves generate an alarm,for instance, upon failure of the aggregator to translate a message toSNMP. Similarly, an alarm may be generated upon failure of theaggregator to translate a message to XMPP and forward the message to agateway appliance. The alarms and statistics aggregator 82 or likefunctionality may also generate alarms, for instance, upon establishingsuccessful connection to a message router, failed connection, when anactive connection is lost, or upon failure to forward a message to agateway device. Such alarms may include the IP address or the FQDN of amessage router and reason or description for the event.

In one embodiment, each NMS may be associated with a service provider.For enabling aggregators or like functionality 82 to route messagesreceived from the gateway appliances to a specific service provider NMS85, the alarm message may include an identifier for the service provideror the aggregator 82 may query the service provider, for instance, froman external source, based on the gateway appliance's ID such as JabberID. In addition, the aggregator 82 may track a list of IP addresses andports for each NMS 85. Further, the aggregator 82 may support the optionto route messages to one or more NMS 85 based on the service providerassociated with the gateway appliance sending the message.

In one embodiment, the alarms and statistic aggregator or likefunctionality 82 may support different states when active. One state maybe unlocked. During unlocked state, the aggregator receives incomingmessages and translates messages. Another state is locked. In lockedstate, the aggregator is no longer accepting incoming messages, however,the application, i.e., aggregator may be still translating messages.This state may be useful for gracefully halting or shutting down anaggregator. Generally, an administrator may be given privileges to beable to move an aggregator instance into a locked state or unlockedstate. In addition, an administrator may be enabled to shut down anaggregator instance. Further, the aggregator cluster 82 may be designedsuch that a single aggregator instance may be upgraded or shutdownwithout affecting or having to shutdown or stop all aggregatorinstances.

In another embodiment, the alarms and statistics aggregator or likefunctionality 82 may be monitored. A monitoring agent may oversee thevarious aggregator processes and watch over the state of its servers orlike functionality, for example, to ensure the aggregator serviceremains available. The monitoring agent may perform appropriatenotifications to appropriate components or functionality if any problemsare detected during monitoring process. In another aspect, there may bemonitoring agents for other elements or functionalities in the supportnetwork.

In one embodiment, the alarms and statistics aggregator or likefunctionality 82 may maintain various counters and statistics relatingto the number of messages and events occurring within each aggregatorinstance. For example, each aggregator instance may track a list ofgateway appliances from which it has received incoming messages and/orthe number of incoming messages it receives from a gateway appliance;track the number of messages discarded due to its inability to translatea message from XMPP to SNMP, or from SNMP to XMPP; and track the totalnumber of messages discarded due to the unavailability of a gatewayappliance, etc. This information may be queried from each aggregatorinstance through the use of a SNMP get and stored in the NMS 85 for nearreal-time and historical reporting. The report may be available to thenetwork administrator for monitoring traffic levels across theaggregator instances. There may be an option, for example, for anadministrator to reset or clear one or more or all counters orinformation.

Logging is a useful function for troubleshooting events that occurwithin an application. The alarms and statistics aggregator may includea generic process responsible for logging messages. Logs of processingperformed by the aggregators may be recorded and stored. Such processingmay include, but not limited to, attempts to connect to message routers,failed connections including IP addresses and port numbers or FQDN ofmessage router, and lost connections, etc. In addition, incoming oroutgoing messages in the aggregator may be logged including, forexample, messages it failed to forward.

In addition, other network elements, servers or service functionalitiesmay be capable of logging events, statistics, and generating alarmsbased on various processing performed specific to each server orfunctionality in the support network. The alarms and statisticsaggregator may also interface with those network elements to collectvarious alarm and statistical data related to processing.

From the gateway appliance perspective, the gateway appliances may havethe ability to generate alarms when a pre-configured threshold value isexceeded on the device. A user may have an option to set the method bywhich the user may be notified when an alarm is generated. In oneembodiment, multiple notification events may be defined on theappliance. These notification events may be capable of being associatedwith different roles so that assigned user can be notified when theevent occurs. Examples of different methods of notification may includebut not limited to e-mail, a text or SMS message, instant messaging,personal page, TV, and telephone. Every role (types of users) may havethe ability to receive notification for any notification event. In oneembodiment, the same notification or alarm event may be notified inmultiple ways to the same user. Analogously, the same notification oralarm event may be notified in multiple ways to different users.

The generated alarms may be logged and their statistics generated.Similarly, other information may be logged and their statisticsgenerated. Alarms, logs, and statistics kept in the support network maybe accessed by a user at the gateway appliance using web servicesinterface in one embodiment. Further, HTML GUI may be provided for theuser to access the alarm, logs, and statistical information associatedtherein. Different levels of logging may be enabled or disableddepending on the access privileges set through configuration. Thegateway appliance, in addition, may be enabled to filter logs, alarms,and statistics based on search criteria.

Example functionalities based on which an appliance may generate logsand statistics are defined in Table 1.

TABLE 1 Sample of System Condition for logs and statistics to befunctionality generated monitor the CPU if the CPU utilization exceedspreconfigured utilization on a threshold values the system may create alog continuous basis Memory the amount of memory usage monitor the diskif the disk utilization exceeds preconfigured utilization on a thresholdvalues the system may create a log regular basis to capture:preconfigured threshold value current utilization level Keep track of ifunsuccessful login attempts are noticed the login attempts log shallcapture: date and time of the login attempt the userid of the loginattempt number of attempts made Track firewall Provide firewall processlogs probe attempts If the number of attempts exceeded the maximumallowed value within a preconfigured duration, the events may be logged.Track bandwidth 1. Log the status manager status 2. Log any throttlingactions 3. Log any pre-configurable thresholds

With respect to alarms generation, the gateway appliance is capableof: 1) displaying alarms on the network map of the user; 2) sendingalarm to the service provider; and 3) sending an alarm to the user.Any/all of these methods can be configured against a particular alarm.Example conditions under which alarms are generated are given in Table2:

TABLE 2 Name of alarm Condition for alarms to be Actions to be(examples) generated taken TEMP_ALARM If the temperature shutdown the GWthresholds on the devices device and that are temperature optionally:controlled are exceeded send an alarm to the OAMP Server notify theconfigured user DISKUTIL_ALARM the disk utilization exceeds notify thecritical levels configured user SYSDOWN_ALARM when applications or sendalarms to the subsystems are down or support network service faults aredetected notify the configured user FIRMUPFAIL_ALARM failed firmwareupgrade notify the configured user LOGIN_ALARM If the number of loginnotify the attempts exceeds the configured user configured maximum valuewithin a preconfigured durationBilling

The gateway appliance in an exemplary embodiment is an interactivedevice for a premise such as the home that enables users to purchase andactivate services. The support network 50 thus further may provide billcollecting capabilities for services rendered at the gateway appliance.Examples of services, for example, may include voice, media such asmovies and music, backup services, home automation, file sharing, andparental control, etc. Referring to FIG. 4, billing aggregator or likefunctionality 58 may communicate with the gateway appliances and thethird party service providers (e.g., VOD(s), CA(s), wholesale voiceproviders, backup services, etc.) to collect and correlate billingrecords.

In one embodiment, the gateway appliances and other network elements maygenerate records of billable events, which may be used for billing,verifications, troubleshooting, and other purposes. The gatewayappliances, for example, may record all billable events and send thedata to the billing aggregator or like functionality 58 using, forexample, the signaling control channel, for instance, via the messagerouter. This transmission of billing data may occur at a regularinterval or a predefined interval or at other desired time or period.

Thus, from a gateway appliance perspective, an appliance may keeprecords of usage information and events (referred to as event records)associated with services such as those associated with voice calls,media services, etc. In one embodiment, it may be possible to derivebilling data from a single event record without having to correlate withany other event record. The gateway appliance 10 interfaces, e.g.,transparently through the routing manager functionality, with billingcollector 58 and sends the event records to the billing collector orlike functionality 58, which collects event records from all gatewayappliance platforms. In one embodiment, the collection may be executedat predefined intervals, for example, as configured on individualgateway appliance 10. In one embodiment, the gateway appliance may becapable of initiating the transfer of the generated event records to thebilling collector, e.g., at configurable intervals.

An example protocol used for communicating the event records between thegateway appliances and the billing collector is XMPP, although notlimited to such. XMPP is defined in IETF RFCs 3920 and 3921. Forexample, the process of transferring the records generated by theappliances may be through the XMPP protocol and the application layerprotocol attributes. Example attributes of the XMPP protocol mayinclude: the appliance initiating a “message” stanza; the “to” attributecontaining the full JID of the billing collector or like functionality;a stream unique “id” assigned to the message; and the body of themessage containing the appliance generated event record in a stringformat. An example application layer protocol may contain data such as aunique message ID which may be different from the message of the XMPPlayer, message sequence number (e.g., 1, 2, 3, etc.), and total numberof bytes in the event record contained in the body of the XMPP“message.”

As mentioned, one or more gateway appliances 10 may communicate billableevents via XMPP messages that include billable events to the billingcollector or like functionality 58 via a message router or likefunctionality 62. In one embodiment, the message for the event recordtransfer from a gateway appliance 10 to the billing collector 58 may bea two-way handshake. Thus, in one embodiment, the billing collector 58sends an acknowledgment to the appliance for every message received. Theappliance may resend the message if it does not receive anacknowledgment, e.g., within a predetermined time. In one embodiment,when the billing collector 58 receives the message from the appliance,it checks the message for errors (e.g., whether the total number ofbytes in the enclosed event records is equal to the total number ofbytes mentioned in the application layer attributes parameter). If thereare no errors, the billing collector 58 writes the data to a file andstores it, e.g., on a storage device.

In one embodiment, the billing collector 58 then sends theacknowledgment to the appliance. The acknowledgment message, forexample, may contain the same message ID as the received message, sothat for instance the appliance can identify that it is a receipt of themessage sent. As mentioned above, in one embodiment, if the gatewayappliance does not receive the acknowledgment message within apredetermined wait-time, it may resend the message. Thus, in oneembodiment, the billing collector 58 may receive a re-send of theprevious message. However, in one embodiment, the billing collector 58need not know that it is a re-resend. Instead, in one embodiment, thebilling collector 58 may treat the message as if it were the firstmessage of its type. If an error occurred in the message, for example,the number of bytes in the received event records does not match thenumber of bytes in the message attribute, then the billing collector 58may formulate an error message and send it to the appliance. The messagemay contain an error reason, for example, “error in bytes received.”

Parental Control

Yet another functionality that may be provided in the appliance gatewayin conjunction with the support services network includes parentalcontrol. The parental control functionality in one embodiment may allowparents to track what their children are doing on their PC's or whatcontent children are watching, for example, on a media device such asthe TV or PCs, and provide an easy way for parents to grant permissionsfor children to watch a show on a remote TV or watch pay per viewcontent. Furthermore, the parental control functionality in oneembodiment may allow parents to monitor and control access to mediadevices such as a telephone providing voice services associated with thegateway appliance.

In one embodiment, software running on the PC as a background servicemay record all desktop activity as a video and distribute it to thegateway appliance to be stored on a hard drive. The video may bepublished on the local network using a protocol such as UPnP. Parentscan then view the video by connecting to the video stream hosted on thegateway appliance from a TV by using a set top box, which acts as anUPnP renderer. This unique method provides a near real-time view of allPC desktop activity from a remote and convenient location. Parents neednot have to go to the child's room to check up on any PC activity.Parents can track their child's PC habits while they are watching TV. Ifthe set top box is capable, the PC view could be shown withpicture-in-picture overlaid on the live TV signal.

In another embodiment, video content managed by the gateway appliance asa service may be accessed in the home on TV's using a set top box. Theservice provides a mechanism for parents to manage the parental controlsof the service content. When a child tries to watch a movie, but cannotsince it is blocked by parental controls, he may press a button on theremote to send a notification to parents TV to get permission to watch.On the parent's TV, a notification appears. Parent opens thenotification on TV, sees data about the movie, and then indicates withthe remote if the movie is allowed. If it is allowed, then the movie maybe unblocked for the child. If it is not allowed, the movies are stillblocked and the child may get a notification on his TV that the parenthas not given permission. This way the child does not need to run to theparent and provide explanation of the movie, or the parent need notindependently search for information about the movie in order to decidewhether to provide permission for viewing.

In yet another embodiment, the gateway appliance may provide a pay perview service. The gateway appliance may provide parents withconfigurable mechanisms to allow children to ask permission to watch payper view content. When a child wants to watch a pay per view movie, hepresses a button on the remote which then sends a notification to theparents, for example, using TV, SMS or email. The parent receives thenotification with all the information about the movie and the cost. Theparent can then indicate whether the movie can be watched. The gatewayappliance may have a web server to allow the parent to remotely specifypermission by hosting a web page, which can be accessed by a browser ona mobile phone or a link embedded in an email. If the parent grantspermission, then a notification may be sent to the gateway appliance toallow the payment. A notification may also be sent to the child's TVindicating permission was given. If permission is not given, then anotification may be sent to the child's TV indicating that decision.This mechanism allows parents to give their children permission to watchpay per view content remotely, without being at home. Parents can seethe information about the show and can directly control the paymenttransaction.

In another exemplary embodiment, the gateway appliance may provideparental control functionality with respect to voice services associatedwith the gateway appliance. For example, the gateway appliance may beassociated with a telephone device (i.e. a traditional PSTN telephonethrough an adapter, a session initiation protocol telephone, IM client)to provide managed voice services. An adult, by utilizing the exemplaryservice may monitor and manage all voice conversations the serviceprovides. As an example, a parent can press a button on a TV remote,which may display a list of all voice calls that have occurred in thehome with a particular telephone device. The gateway appliance may beconfigured to associate users with particular telephones such that theparent can monitor and manage access to specific voice servicesavailable to their children. By way of example, an adult can monitor aparticular telephone device usage by observing the time-of-day the calloccurred, the day-of-the-week the call occurred, the type of call (i.e.local, long distance, international), the length of the call, the dateon which the called occurred, the number called, and the number of thecalling party. Furthermore, through the gateway appliance, an adult canmanage a child's usage of a telephone device by limiting accessibilityof the device according to various parameters that may include, but notlimited to, the identity of the user, time of day, day of week, and typeof call. Thus, the gateway appliance provides parents a real-time viewof the voice services being as well as a method for managing the use oftelephone devices within the home.

The gateway appliance may keep track of all content that is beingwatched on the services it provides. A parent can press a button on a TVremote, which may display a list of all content that is currently beingwatched in the home. The gateway appliance may be configured toassociate users with particular media devices such as TVs such that theparent can see what content their children are watching on their TVs.This provides the parents a real-time view of the kinds of content theirchildren are watching. This mechanism also allows the parents to keeptrack of how much TV their children are watching.

In operation in one embodiment, functionality in a set top box (STB),for example, may overlay GUI on the live TV signal. The STB may have auniversal remote control, which allows the user to controlTV/cable/satellite functions in addition to one or more featuresprovided by the system and method of the present invention in oneembodiment. By pressing a special button on the remote control, agateway appliance menu system may be overlaid on the TV signal. A usermay then use the navigation buttons on the remote to select one or moregateway appliance features.

The parental control functionality may be established by a parentsetting preferences on the gateway appliance through a media device.Specifically, the parent may utilize a media device such as a TV or a PCthat is connected to the gateway appliance to establish certain parentalcontrol parameters. For example, a parent could limit their child'saccess to certain media devices based on the various parameters theparent entered into the gateway appliance. Parental control parametersthat may be established by a parent include, but not limited to, (i)limiting access to certain media devices for a certain user because oftheir identity, (ii) establishing a password for a specific media devicethereby not allowing an end user to access that device without thepassword, (iii) limiting access to a specific media device based on thetime of day, (iv) limiting access to a specific media device based onthe time-of-week restrictions, and (v) utilizing media content ratingsthereby restricting an end user from accessing certain media on a mediadevice that is deemed inappropriate for that end user based on the mediacontent ratings. Thus, a parent through a media device associated withthe gateway appliance may establish accessibility parameters that enablethe parental control functionality within the exemplary system.

In one embodiment, when a child tries to watch a movie that is stored ona gateway appliance, the STB may query the appliance if there are anyrestrictions on playing the movie. The gateway appliance in oneembodiment may keep a database of all of the parental control settings.The gateway appliance may use this data to decide if the movie can beplayed, for example, based on the ratings metadata of the movie. If themovie is locked by parental controls, the gateway appliance may informthe STB to display a list of options on the TV. The list of options maybe overlaid on the TV signal by the STB. One of the options may be toask the child's parent(s) or like for permission to watch the movie.When the child selects that option, a message is sent to the gatewayappliance. The gateway appliance may have a notification mechanism,which allows notifications to be sent to any device it manages. When thegateway appliance receives the request for parental controls permissionsmessage, it may use its knowledge of how to contact the parent(s) orlike and which device to send the notification. All users of gatewayappliance can use an interface such as a Web GUI to configure how theyshould be notified and for which notifications which devices should beused. This notification configuration data may be stored on the gatewayappliance, for example, in its database. If the parent(s) or like arewatching TV in their own room, then the gateway appliance may send thenotification and the metadata about the movie to the STB for that TV.The STB may overlay the message and movie data on their TV signal. Theparent(s) or like may be able to read the message and then select from alist of options how to respond to the child's request. When the parenthas made a selection using their remote control, that STB may send thatresponse back to the gateway appliance. The gateway appliance may sendthat response as a notification to the child's TV using its STB. If theresponse was to allow the movie to be watched, the RHC may remove thelock on the movie, and it may allow the movie to be streamed to thechild's STB. If the response was not to allow the movie to be watched,the child may not be able to play the movie and may be given the optionto pick another movie.

Voice Services

Voice services support is another capability provided by the gatewayappliance and networked services support infrastructure of the presentinvention. Subscribers have at their disposal a rich set of voiceservices including, but not limited to: anonymous call rejection; callforwarding (unconditional, call forwarding on busy, call forwarding onnot available); call hold; call logs; call pickup; call transfer, callwaiting; call waiting with caller ID; caller ID delivery; callerID/caller name blocking; caller name delivery; contacts/address bookmanagement; do not disturb; emergency call handling; fax support;international dialing support; message waiting indication for voicemail;national dialing support; selective inbound call restrictions; speeddial; three-way conference calling; and voicemail.

Where applicable, subscribers may configure features and services via aweb interface or using Vertical Service Codes (VSC). Call history forcalls received, calls originated, and calls missed may be provided inthe subscriber's personalized call portal. Complete voice package tocustomers may be offered as extensive voice network architecture.

In one embodiment, the subscription manager or like functionalityprovides the subscription information as well as configuration datainformation for voice provisioning details to the gateway appliance. Forinstance, the subscription manager or like functionality may receivemetadata regarding provisioning, e.g., information associated withconfiguration data needed to provide the service from the voice servicemanager or like functionality. In another embodiment, the gatewayappliance may request the configuration data information from the voiceservice manager or like functionality. The gateway appliance may thendownload the needed configuration data described in the metadata from,for example, the voice service manager or like functionality. The actualdownloading may occur at a later time or at the time the voice serviceis being provisioned. Exemplary voice services that may be provisionedat a gateway appliance include dial plan configuration andinbound/outbound routing configuration supported auto configurationdevice list.

FIG. 7 illustrates an example architectural diagram for providing call(e.g., voice or other media) processing in one embodiment. In-premise orin-home components may include gateway appliance 2002 of the presentdisclosure, SIP and FXS endpoints, possible in-home gateways, andsoftware clients. Support network components or like functionality mayinclude billing 2004, provisioning, network management 2008, and sessionborder controllers 2010. Examples of end user functionality may include,but is not limited to, voice services to home owners globally inmultiple countries; instant messaging contact list downloads withpresence functionality; office or email application contact listsdownloads; ability to make calls from IM clients to VOIP or PSTNterminations; ability to make calls from IP Phones to IM clients, VOIPor PSTN terminations; ability to make calls using “click-to-call” fromweb browser; ability to make video calls; ability to make calls fromtraditional phones (through a Phone Adapter) to IM clients, VOIP or PSTNterminations; ability for user to manage services from TV; if the homeowner has subscribed to a PSTN line, PSTN routing can be used as anoverflow option or as the primary choice, based on station; whole housevoice mail services; ability to make intercom calls based on publicnumbers or speed dial numbers; ability for the user to manage gatewayappliance contact lists, and other service attributes; voice servicesintegrated with other services on the same platform; ability to useinteractive voice prompts to manage services; and ability for one userto have multiple gateway appliance devices geographically scattered.Such a gateway appliance sub network may have common billing and allowthe user to move endpoints between gateway appliances.

From the support network or management perspective, call services may bemanaged and provisioned centrally and remotely (e.g., using web browsersor other interfaces), billing information and statistics records may becollected from the gateway appliances.

In one embodiment, if a user has subscribed to a PSTN line, PSTN accessmay also be provided. For example, a phone adapter/PSTN gateway 2012 maybe used to provide access to PSTN and an interface for traditional PSTNphones. Optionally, PSTN access may be provided through a break-out fromthe internet at a later point in the network.

Shown in FIG. 7, the appliance 2002 resides in-home, connecting tovarious end-user devices. The devices may be traditional phones 2014 andfaxes 2016 (e.g., through a phone adapter/PSTN gateway 2012), IP devices2018 connected over wired LAN or IP devices 2020 connected wirelessly.Appliance 2002 may also support connections to the in-country PSTN 2022(e.g., through a phone adapter/PSTN gateway or through break-out from aVOIP service providers network) to the Internet via broadband access2024 (e.g., via 802.11x WiFi, WiMax).

In one embodiment, the functionality between RHC and PAPG remaincountry-independent as much as possible. A user may be able to manageservice aspects utilizing a TV display and remote control, for example,using a media adapter (UPnP AV or other). A media adapter may be able tohandle context-specific (e.g., in relation to what is displayed on theTV) input from a remote control and communicate this to the appliance2002. This interface may be used for a user to select menu-driven items.

In one embodiment, services may be provided between in-home devices(e.g., 2012 . . . 2018) and remote devices (e.g., 2022 . . . 2026).In-home devices may include, but are not limited to: SIP endpoints(e.g., a SIP phone connected over ethernet or over 802.11x or a computerconnected over ethernet or over 802.11x, or other means); IM endpoints(e.g., devices capable of IM signaling over ethernet or 802.11x or othermeans such as computers and wireless phones); traditional FXS phones andFax machines, for example, connected via a phone adapter/PSTN gateway orlike devices, for example, making them appear like SIP endpoints togateway appliance 2002. Remote devices may include devices locatedoutside the home, worldwide. The actual end devices may be of multipletypes and is not required that they are visible to RHC. For instance,they may interact via SIP on a broadband interface or through the phoneadapter/PSTN gateway or like device or functionality. Remote devices mayinclude, but are not limited to: SIP phones (wireless or wireline)associated with a gateway appliance; external IP Phones (both gatewayappliance-based and non-gateway appliance based); PSTN phones; and IMclients.

In one embodiment, the gateway appliance 2002 may serve as an in-premiseserver responsible for call processing. PAPG 2012 may connecttraditional FXS phone/faxes or like, the PSTN, and gateway applianceplatform. Media adaptor 2028 may be used to allow a user control ofservices such as voicemail from such devices as TV. Further, there maybe provided media services for conferencing. IM 2030 may provide instantmessaging services to users with IM-capable platform and handle contactlists and associated management. Provisioning 2006 in general providesprovisioning services and gateway appliances and users. NMS 2008 maymanage and process alarms and other information from the gatewayappliance 2002, for example, received via aggregator functionality inthe support network. Billing 2004, for instance, collects billinginformation or billable events and records from the gateway appliance2002. SBC 2010 in general serves as an interface to a VOIP serviceprovider or like. This functionality 2010 may also provide securityfunctions. SIP directory/redirect server (shown at 2032) may providerouting and dynamic DNS (DDNS) server (also shown at 2032) may enablegateway appliance behind NAT, for instance, by correlating gatewayappliance FQDN to IP address. SIP location server (also shown at 2032)may provide location mapping functionalities.

Interfaces at the premise interfacing to the gateway appliance 2002 mayinclude wired local area network supporting, for example, including10/100 ethernet, multimedia (MOCA), and homePNA. The appliance 2002 mayalso support wireless interfaces such as 802.a, 802.b, and 802.gnetwork, etc. In addition, external interfaces such as traditional PSTNline interface between PAPG and CO, Cable, DSL or Fiber-based interfaceto ISP, and wireless broadband (Wimax or any other standard) interfacemay also be supported.

Example services, which may be supported by functionalities in thegateway appliance 2002 may include, but are not limited to: calls fromone home endpoint to another in-home endpoint (e.g., intercom calls);calls from a FXS phone behind a PAPG to the PSTN, VOIP network, or an IMendpoint; calls from a wireline or wireless SIP phone to the PSTN, VOIPnetwork, or an external IM endpoint; calls from an IM client on acomputer to the PSTN, VOIP network, or another external IM endpoint; aSIP phone may be registered in-home or externally from a remote location(such a location may be a wireline network or wireless (e.g., WIFI)hotspot; and origination using a click-to-call mechanism, where thetermination may be selected from a contact list using a browser from acomputer or phone or like. The origination may be another registereddevice.

The SBC may hide the details of the networked support servicesinfrastructure from the wholesale provider for inbound calls and hidethe details of the wholesale providers' VoIP network from the networkedSC. On calls inbound from the wholesale provider, the SBC sends a SIPinvite to the SIP redirect server and subsequently extends the callbased on a redirect (3XX) message received from the SIP directoryserver. On call requests received from the appliances, the SBC sends aSIP invite to the SIP directory server and subsequently extends the callbased upon a redirect (3XX) message received from the SIP directoryserver. Media may or may not be anchored to the SBC, depending onnetwork optimization requirements. The SBC also may record billingrecords and events for all SIP calls and send these records to thebilling collector or system.

Public SIP redirection and proxy servers or like functionality in oneembodiment may provide SIP proxy/redirect services to public remote SIPphones and devices. The public SIP proxy/redirect servers provide asimilar function for SIP requests as the public web servers for HTTPrequests, described above. The users of these servers may be remotebased WiFi or IP SP phones that need to register with the “home” gatewayappliance or place a call, which routes through the gateway appliance.The request is resolved by the DNS and directed to the public SIPserver, the public SIP server queries the location server and then,depending on the type of request and the accessibility of the gatewayappliance, the public SIP server may either proxy or redirects therequest. In one embodiment, all remote phone registration requests togateway appliance may be proxied by the public SIP server. These serversor like functionalities may have interfaces to the location server, theSBC, the VPN router/server or like functionalities and the gatewayappliances.

Off-Premise Voice Extension

An embodiment of the present invention allows an off-premise phone toregister with a gateway appliance as an extension to the phone serviceprovided via the gateway appliance. In this embodiment, a gatewayappliance or device may serve as an IP-based residential Private BranchExchange (PBX). This PBX may serve as a switchboard to route calls amongextensions as well as off-premise extensions, for example, for a phonesuch as an IP-based WiFi phone, which accesses the public internetthrough WiFi connection, or a computer-based soft client whichcommunicates in voice over IP technology and runs on a computer. One ormore functionalities at the support network 50 relay the registrationmessage, the call setup message as well as voice stream between the homePBX and the off-premise user.

As an example, with reference to FIG. 4, when a phone is powered on, itfirst connects with an available WiFi network, and then finds thesupport network 50, for example, a session border controller (SBC) 93 orlike functionality and sends out the registration message. For example,the call from the phone may be addressed to a particular domain, whichmay be resolved by DNS and directed to SBC 93. Similarly, a user maystart a soft client (soft phone) and key in user name, password, and theidentification of the home PBX. The soft client sends the registrationto the support network 50 and the support network 50 determines wherethe corresponding home PBX is and forwards the registration message. Thehome PBX records the location information of the phone. All consequentcalls can be established between the phone and the called party throughthe support network 50 and home PBX. The voice stream is establishedafter the signaling messages are exchanged.

In one embodiment, SIP server (SRS) or like functionality 92 may providesession routing, re-direction, and authentication on a session basis.Routing to gateway appliances 10 may be based on information (e.g.,appliance address, etc.), which for example, may be contained in adatabase, for example, updated by provisioning servers and locationservers 68 or like functionality. The information may be updated on areal-time or near real-time basis. Thus, for example, location server orlike functionality 68 may provide dynamic location data such as IPaddresses and port numbers of gateway appliances and presence (e.g.,voice service availability) indicator of a gateway appliance. SRS 92 inaddition may have capabilities to log events and generate alarms basedon various processing it performs.

The Session Border Controller (SBC) or like functionality 93 may providea secure network border control, for example, for voice and videoservices. The SBC 93 may act as a back-to-back user agent and mayprovide varying degrees of topology hiding, call routing, and accessscreening, etc. In one embodiment, the SBC may be relied on to providethe routing towards the various wholesale providers based on thedestination address returned by the SRS or like functionality 92. In oneembodiment, the information in the SRS 92 may originate fromprovisioning functionality (subscriber data) and/or operational data(provisioned on the SRS). In one embodiment, SIP interface is utilizedbetween the SRS 92 and SBC 93. A SBC may request call routing from theSRS 92. The SRS determines the appropriate routing of the call andreturns a response indicating how the SBC should handle the call.

In one embodiment, the SRS 92 is capable of receiving register messagesfrom SBC, locating a gateway appliance information for voice serviceusing gateway appliance ID. If the appliance information is found, theSRS 92 returns the IP address and port number. If the SRS does not findthe appliance, the SRS 92 may return a not found message to the SBC. TheSRS 92 is also capable of receiving invites from the SBCs 93, from theappliances 10. The SRS 92 may map the user part of the To address to thedestination address key, verify that the domain portion of thedestination address is correct. The SRS 92 also may determine whetherthe type of a call, e.g., “support network origination”, “off-premiseextension origination”, “non-support network origination”, for example,by receiving the invites over separate IP/port address combinations.

If the call is a “support network origination” call, the SRS 92 mayauthenticate the originating party. The SRS 92 may use the destinationaddress key to identify if the number belongs to a gateway appliance oris an outbound call, and try to find the destination IP address andoptionally port number. If the SRS 92 finds that the address entryexists in the database or like and that the gateway appliance and thevoice service on that gateway appliance is available, it returns theaddress. If the SRS 92 finds that the address entry does not exist, itmay assume that the call is for outbound. In this case, SRS 92 mayreturn the original To address as the contact address. This way, the SBC93 may determine routing to the appropriate wholesale provider based onthe target address in the contact header. The SRS 92 may return alogical identifier in the contact header to identify the logical routingto the SBC 93. For example, a header may be“informationprovider@wholesaler1.com”

For a “non-support network origination” call, similarly processingdescribed above for a “support network origination” call may beperformed except, for example, the origination party is notauthenticated.

If the call is an “off-premise extension origination”, the SRS 92 maymap the domain portion of the From address to the destination gatewayappliance key and queries database to find the matching gatewayappliance record. If it finds a matching record, the SRS 92 returns theIP address and port for the gateway appliance. If the SRS 92 does notfind the gateway appliance, it returns a not found response to the SBC93.

Location server or like functionality 68 in one embodiment, generally isresponsible for updating support network databases which, for example,may require real-time accessibility information. For instance, althoughnot required, as discussed above, a SRS 92 may comprise a database orlike which it queries for location information. A location server orlike functionality 68 in one embodiment interfaces with this database(e.g., via database supported interface) to update or load dynamiclocation data. In addition, the location server or like functionality 68interfaces with a gateway appliance, for example, using XMPP controlchannel. This interface may be used when a gateway appliance updates itsinformation during initialization or when its contact data changes.Thus, some example functionalities at the location server 68 mayinclude, but is not limited to the following: location server 68 mayreceive IP address and port combination from the gateway appliances asthey complete initialization or as they change IP address; accesschallenged gateway appliances may send the VPN accessible IP address andport; the location server 68 may set the availability indicator to“available” when it receives an IP address/port update from a gatewayappliance; the location server 68 may be capable of receivingavailability updates from XMPP framework; and in addition, the locationserver 68 may receive service indicator from a gateway appliance thattells which service the IP address and port applies. Like other networkelements of the support network 50, the location server or likefunctionality 68 may be capable of logging events and statistics andgenerating alarms based on its various processing.

Utilizing an off-premise extension facility in one embodiment disclosedherein, an off-premise phone user, thus, may initiate/receive externalcalls as if the user was still home. For example, an out-of-statecollege student can dial hometown buddies with this off-premiseextension phone and vice versa. An off-premise extension soft clientuser can call friends and families from overseas using internet access.Further, calls from the off-premise extension phone can be consolidatedwith the rest of the home extensions and can be reviewed at any time,for example, for billing and parental control. In one embodiment, theexistence of the support network 50 ensures the constant connectivitybetween the home PBX and the off-premise extension phone.

Billing Requirements VoIP

As mentioned, the gateway appliance is an interactive home device thatenables the home user to purchase and activate services offered by theservice provider. Some of these services are premium services such asmovies and music whereas others are non-premium services such as homeautomation and file sharing. For the VOIP service in particular, callrecords are generated by the gateway appliance that are maintained, notonly for billing purposes, but alternately utilized for other purposessuch as diagnostics, performance studies, statistics, and billingadjustments, etc. The billing collector is responsible for collectingthe call records from the gateway appliance and transferring them to thebackend billing system.

A billing interface is provided between the gateway appliance and thebilling collector element of the service center. Particularly, recordsare generated at the gateway appliance and are transferred to thebilling collector via XMPP protocol transfer using XML file structure.

Accounting Framework for the Gateway Appliance

In one example related to voice services, the gateway appliance capturesusage information associated with the VoIP events generated during thevoice call. Although the SBC generated records are utilized for billingthe call, if necessary, the gateway appliance generated event recordsmay be utilized for billing the call. The event records are selfcontained in that no correlation of the event records is required forbilling purposes.

Generally, associated with the accounting functionality programmed forthe gateway appliance, before the event records generated by the gatewayappliance are transferred to the billing collector the following occurs:gateway appliance is initialized; and the billing collector hasestablished a session with the routing manager. The gateway appliancemay initiate the transfer of the generated event records to the billingcollector at configurable intervals.

The gateway appliance utilizes the XMPP protocol as defined in IETF RFCs3920 and 3921 for transferring the files to the billing collector.Hence, the process of transferring the records generated by the gatewayappliance shall be defined through the XMPP protocol and the applicationlayer protocol attributes. The following define the attributes of theXMPP protocol: 1) the gateway appliance shall initiate a “message”stanza; 2) the “to” attribute includes the full JID of the billingcollector; 3) a stream unique “ID” shall be assigned to the message; and4) the body of the message includes the gateway appliance generatedevent record in a string format. The application layer protocol includesthe following data: 1) a unique message ID which is different from themessage ID of the XMPP layer; 2) a message sequence number (1, 2, 3,etc.); and 3) total number of bytes in the event record contained in thebody of the XMPP “message”.

As mentioned, with respect to the gateway appliance-billing collectorrecord transfer process, the message for the event record transfer fromthe gateway appliance to the billing collector is a two way handshakemessage. The billing collector sends an acknowledgment to the gatewayappliance for every message received. If an acknowledgment is notreceived, then the gateway appliance resends the message. The role ofthe gateway appliance in the gateway appliance-collector record transferprocess is defined as followed.

The gateway appliance formulates a XMPP protocol and application layerprotocol as per the attributes defined hereinabove and starts a timer inthe application layer when the message is sent out to the billingcollector. For the first message of its type, the value of the timer isequal to a pre-configured value. When the value of the timer hasexceeded its pre-set value (e.g., an acknowledgement has not beenreceived from the billing collector), then the gateway appliance shallresend the message. This message shall contain the same value for allthe XMPP and application layer attributes defined above, except for thefollowing application layer attributes: a) the message sequence numbershall be incremented by 1; and 2) the gateway appliance shall restartthe wait-timer in the application layer with the value of the timerincremented to e.g., previous value+5. After the message is sent to thecollector, the gateway appliance waits for the acknowledgment from thebilling collector. If an acknowledgment has not been received by thetime the wait-timer has exceeded the set value, then the gatewayappliance shall repeat steps 4 and 5 each time incrementing the messagesequence number by one and the wait-timer by 5 seconds. If after the5^(th) attempt (i.e., message sequence number=5) the gateway appliancedoes not receive an acknowledgement, then the gateway appliance willstop sending the message and generate a critical alarm. If the gatewayappliance receives an error response form the collector with a reasonvalue of “Error in Bytes received”, then the gateway appliance shallresend the message to the collector. The message shall contain the samemessage ID (in the application layer) as the previous message, but themessage sequence number shall be incremented by 1. The value of thewait-timer shall be set to the same value as the previous message forwhich the error response was received.

The event records generated by the gateway appliance for the VOIPservice are now described. These records are generated in response tosignificant events detected by the gateway appliance during a call.These events are: 1) start; 2) stop; and 3) inter.

The format of the records is mostly based on the Internet ProtocolDetail Record (IPDR) standards. The following table specifies the fieldsthat are generated by the gateway appliance. The fields contain a subsetof the IPDR and the fields given in italics are proprietary fields.

FIG. 1C depicts the concept of the ingress and egress with respect tothe gateway appliance and this concept is used to capture values in thefields described on the gateway appliance CDR. The components, servers,services, etc., described in the present disclosure illustrate logicalfunctionalities and they are not meant to be limiting in any way.Rather, they may be implemented as one or more applications, devices orthe like, depending on design and implementation choice. In addition,the various functionalities may be implemented on a distributed orcentral platform.

Data Possible Attribute type values Description 1 CDR sequence number 2Hostname gateway appliance JID 3 IpAddress gateway appliance IP address4 gateway appliance firmware version 5 ingressAccessStartTime dateTime2006-11-3- When the first INVITE is (GMT) T22:50:00.000Z received fromthe calling party 6 ingressStartTime dateTime 2006-11-3- When ACK isreceived for (GMT) T22:50:00.000Z 200OK 7 ingressAccessEndTime dateTime2006-11-3- When the first BYE is (GMT) T22:50:00.000Z received/sent 8ingressEndTime dateTime 2006-11-3- the same as above (GMT)T22:50:00.000Z 9 egressAccessStartTime dateTime 2006-11-3- When thefirst INVITE is (GMT) T22:50:00.000Z received 10 egressStartTimedateTime 2006-11-3- When the ingress call is (GMT) T22:50:00.000Zanswered with 200OK 11 egressAccessEndTime dateTime 2006-11-3- When thefirst BYE is (GMT) T22:50:00.000Z received/sent 12 egressEndTimedateTime 2006-11-3- the same as above (GMT) T22:50:00.000Z 13ingressCallDuration Integer 18000 Value in milliseconds from (ms)ingressStartTime to ingressEndTime 14 egressCallDuration Integer 18000Value in milliseconds from (ms) egressStartTime to egressEndTime 15timeZoneOffset Integer  −300 Time offset, in minutes, of local time zonereferenced to GMT. Local time zone should reflect calling party timezone for correct billing 16 ingressCallID String Unique call ID ofingress call 17 egressCallID String Unique call ID of egress call 18ingressANI String 5000@alice.ros.com Calling Party ID of the ingresscall 19 IngressSubscriberID Extension number of the gateway applianceendpoint (if A -> B, in an inbound call, this will be empty; in anoutbound call, this will be the ext of A) 20 egressANI String5000@alex.ros.com Calling Party ID of the egress call (if A -> B, in aninbound call, this will be the ext of B; in an outbound call, this willbe the DN of B) 21 EgressSubscriberID Extension number of the gatewayappliance endpoint (if A -> B, in an inbound call, this will be the extof A) in an outbound call, this will be empty) 22ingressOriginalDestination String 5000@alice.ros.com OriginalDestination ID of the ID ingress call (If A -> B CF C, then this fieldshall contain B which is the originally dialed number) 23ingressDestinationID String 5000@alice.ros.com Destination ID of theingress call (If A -> B CF C, then for an inbound call where B is agateway appliance SIP endpoint then this field shall contain C; for anoutbound call where A is the gateway appliance SIP endpoint then thisfield shall contain B) 24 egressOriginalDestination String5000@alice.ros.com Original Destination ID of the ID egress call; (If A-> B CF C, then for an inbound call where B is a gateway appliance SIPendpoint then this field shall contain B; for an outbound call where Ais the gateway appliance SIP endpoint then this field shall contain B)25 egressDestinationID String 5000@alice.ros.com Destination ID of theegress call (If A -> B CF C, then for an inbound call where B is agateway appliance SIP endpoint then this field shall contain C; for anoutbound call where A is the gateway appliance SIP endpoint then thisfield shall contain B) 26 DNIS Dialed Numbe Identification Service for2-stage dialing. 27 PIN Personal Identification Number 28 Ingress signaltype Either WAN or LAN (FIG. 1C) 29 Egress signal type Either WAN or LAN(FIG. 1C) 30 gateway gateway appliance ingressapplianceingressSignaladdress^((Note2)) signaling IP address (FIG. 1D)31 gateway gateway appliance ingressapplianceingressSignalPort^((Note2)) signaling IP port (FIG. 1D) 32gateway gateway appliance egress applianceegressSignaladdress^((Note2))signaling IP address (FIG. 1D) 33 gateway gateway appliance egressapplianceegressSignalPort^((Note2)) signaling IP port (FIG. 1D) 34gateway gateway appliance ingress applianceingressMediaaddress^((Note2))media IP address (FIG. 1D) 35 gateway gateway appliance ingressapplianceingressMediaPort^((Note2)) media IP port (FIG. 1D) 36 gatewaygateway appliance egress applianceegressMediaaddress^((Note2)) media IPaddress (FIG. 1D) 37 gateway gateway appliance egressapplianceegressMediaPort^((Note2)) media IP port (FIG. 1D) 38silenceCompressionMode On/OFF 39 thirdPartyID String Bob.ros.com Thirdparty ID if PaymentType value is charged to 3^(rd) party 40 callTypeString A Type of Call (Administrative) I (IVR) N (no answer) V (voice) D(data) F (fax) 41 paymentType String Toll-free, Indication of whichparty pays charge_to_calling_party charge_to_called_partycharge_to_3^(rd)_party 42 callProgressState State to which the callprogressed 43 callCompletionCode String CC: Call Final call completioncode for completed billing use. normally CIP indicates event-driven CAD:IPDR, which is generated Abnormal ruing call/connection progress,disconnect UCN: unconnected network failure UCI: unconnected invalidaddress CIP: Call in Progress 44 DisconnectReason String NormalCallReason that call was Clearing disconnected based on Call noAnswerCompletion Code busy failure 45 extendedReasonCode Further disconnectinformation 46 Disconnect initiator Indicates if Bye was sent orreceived by the gateway appliance 47 proprietaryError gatewayappliance-specific use. 48 ingressFeature String R(Roaming) Indicateswhat type of feature L(Line) (For an inbound call A -> B E(Extension)where A is roaming and B is extension, then this field shall contain R)49 egressFeature String R(Roaming) Indicates what type of featureL(Line) (For an outbound call A -> B E(Extension) where B is roaming,then this field shall contain R; if A is roaming and B is a DN, thenthis field shall contain L) 50 ingressCodec String G711Alaw, CODEC beingused G711ulaw, G726, G729, G729a, G.729e, iLBC 51 egressCodec StringG711Alaw, CODEC being used G711ulaw, G726, G729, G729a, G.729e, iLBC 52supplementaryService String Call Name of supplementary forwarding,service used in this call call transfer 53 ingressInboundPacketCountInteger Number of packets received on ingress 54ingressOutboundPacketCount Integer Number of packets sent on egress 55egressInboundPacketCount Integer Number of packets received on ingress56 egressOutboundPacketCount Integer Number of packets sent on egress 57ipAddressIngressDevice String 66.226.243.247 SBC's address for incomingline call 58 ipAddressEgressDevice String 66.226.243.247 SBC's addressfor outgoing line call

The following table defines the association between the FIG. 1C(signaling type) and FIG. 1D (gateway appliance interface IP address andport).

Ingress Egress gateway appliance gateway signaling signaling ingressappliance egress type type signaling/media signaling/media (FIG. 1C)(FIG. 1C) interface (FIG. 1D) interface (FIG. 1D) LAN LAN 4 3 LAN WAN 42 WAN LAN 1 2 WAN WAN 1 3Call Forwarding and Transfer Scenarios

There are two types of call forwarding (CF) scenarios: 1) unconditional;and 2) no answer. A call is considered transferred when A calls B and Banswers the phone and then transfers to C. The following example casesdescribe the population rules for the corresponding CDR fields for CFand call transfer scenarios.

Call Forwarding Scenarios for the Inbound Call

Consider the scenario A->B CF C. Call forwarding of B can only beperformed to an off-net number and not to another extension. Hence, thefollowing example cases 1)-3) are considered: in all the cases, only oneCDR is generated by the gateway appliance and all the egress informationwill be that of the B->C call leg.

Cases A party B party C party 1 Off-net In-house Off-net 2 RoamingIn-house Off-net 3 Roaming Roaming Off-netExample Case 1

1) ingressAni DN of A (offnet number) 2) IngressSubscriberID empty 3)Egress Ani DN of B (DN of gateway appliance) 4) EgressSubscriberIDextension of B 5) ingressOriginalDestinationID: B 6)ingressDestinationID C 7) egressOriginalDestinationID B 8)egressDestinationID C (offnet number) 9) ingressFeature: L 10)egressFeature: L (since call cannot be forwarded to another extensionthis value will be always L) 11) ingressSignal type WAN 12) egressSignaltype WAN 13) supplementary service call forwardingExample Case 2

1) ingressAni DN of A (DN of gateway appliance) 2) ingressSubseriberIDExtension of A 3) egress Ani DN of B 4) egressSubscriberID Extension ofB 5) ingressOriginalDestinationID: B 6) ingressDestinationID C (offnetnumber) 7) egressOriginalDestinationID B 8) egressDestinationlD C 9)ingressFeature: R 10) egressFeature: L (since call cannot be forwardedto another extension this value will be always L) 11) ingressSignaltype, WAN 12) egressSignal type WAN 13) supplementary service callforwardingExample Case 3

1) ingressAni DN of A (DN of gateway appliance) 2) ingressSubscriberIDExtension of A 3) egress Ani DN of B 4) egressSubscriberID Extension ofB 5) ingressOriginalDestinationID: B 6) ingressDestinationID C (offnetnumber) 7) egressOriginalDestinationID B 8) egressDestinationID C 9)ingressFeature: R 10) egressFeature: L (since call cannot be forwardedto another extension this value will be always L) 11) ingressSignal typeWAN 12) egressSignal type WAN 13) supplementary service call forwardingCall Forwarding Scenarios for the Outbound Call

For the outbound call, the following example cases 1)-5) are considered.All the egress information will be that of the B->C call leg.

Cases A party B party C party 1 In-house In-house Off-net 2 In-houseOff-net Off-net 3 In-house Off-net In-house 4 In-house Off-net roaming 5In-house Roaming Off-netExample Case 1

1) ingressAni DN of A (DN of gateway appliance) 2) ingressSubseriberIDextension of A 3) egress Ani DN of C 4) egressSubscriberID Empty 5)ingressOriginalDestinationID: Extension of B 6) ingressDestinationID C(offnet number) 7) egressOriginalDestinationID C 8) egressDestinationIDC 9) ingressFeature: E 10) egressFeature: L (since call cannot beforwarded to another extension this value will be always L) 11)ingressSignal type LAN 12) egressSignal type WAN 13) supplementaryservice call forwarding

Example Case 2: The gateway appliance actually has no knowledge of theB->C call. So the CDR will be populated with the A->B call leg values.

1) ingressAni DN of A (DN of gateway appliance) 2) ingressSubseriberIDExtension of A 3) egress Ani DN of A (DN of gateway appliance) 4)egressSubscriberID Extension of A 5) ingressOriginalDestinationID: DN ofB (offnet number) 6) ingressDestinationID DN of B (offnet number) 7)egressOriginalDestinationID DN of B (offnet number) 8)egressDestinationID DN of B (offnet number) 9) ingressFeature: E 10)egressFeature: L 11) ingressSignal type LAN 12) egressSignal type WAN13) supplementary service empty

Example Case 3: This scenario is considered as 2 independent calls andhence 2 CDRs are created, one for AB call leg and the other for BC callleg. AB call leg will be an outbound call and BC call leg will be aninbound call.

AB Call Leg CDR:

1) ingressAni DN of A (DN of gateway appliance) 2) IngressSubscriberIDExtension of A 3) Egress Ani DN of A (DN of gateway appliance) 4)EgressSubscriberID Extension of A 5) ingressOriginalDestinationID: DN ofB (offnet number) 6) ingressDestinationID DN of B (offnet number) 7)egressOriginalDestinationID DN of B (offnet number) 8)egressDestinationID DN of B (offnet number) 9) ingressFeature: E 10)egressFeature: L 11) ingressSignal type LAN 12) egressSignal type WAN13) supplementary service emptyBC Call Leg CDR:

1) ingressAni DN of B (DN of gateway appliance) 2) IngressSubscriberIDempty 3) Egress Ani DN of B (DN of gateway appliance) 4)EgressSubscriberID empty 5) ingressOriginalDestinationID: DN of C (DN ofgateway appliance) 6) ingressDestinationID DN of C (DN of gatewayappliance) 7) egressOriginalDestinationID DN of C (DN of gatewayappliance) 8) earessDestinationID DN of C (DN of gateway appliance) 9)ingressFeature: L 10) egressFeature: E 11) ingressSignal type, WAN 12)egressSignal type LAN 13) supplementary service empty

Example Case 4: This will be considered as 2 independent calls and hence2 CDRs will be created, one for AB call leg and the other for BC callleg. AB call leg will be an outbound call and BC call leg will be aninbound call.

AB Call Leg CDR:

1) ingressAni DN of A (DN of gateway appliance) 2) IngressSubscriberIDExtension of A 3) Egress Ani DN of A (DN of gateway appliance) 4)EgressSubscriberID Extension of A 5) ingressOriginalDestinationID: DN ofB (offnet number) 6) ingressDestinationID DN of B (offnet number) 7)egressOriginalDestinationID DN of B (offnet number) 8)egressDestinationID DN of B (offnet number) 9) ingressFeature: E 10)egressFeature: L 11) ingressSignal type LAN 12) egressSignal type WAN13) supplementary service emptyBC Call Leg CDR:

1) ingressAni DN of B (DN of gateway appliance) 2) IngressSubscriberIDEmpty 3) Egress Ani DN of B (DN of gateway appliance) 4)EgressSubscriberID Empty 5) ingressOriginalDestinationID: DN of C (DN ofgateway appliance) 6) ingressDestinationID DN of C (DN of gatewayappliance) 7) egressOriginalDestinationID DN of C (ON of gatewayappliance) 8) egressDestinationID DN of C (DN of gateway appliance) 9)ingressFeature: L 10) egressFeature: R 11) ingressSignal type WAN 12)egressSignal type WAN 13) supplementary service Empty

Example Case 5: The ingress CDR includes the information of the AB callleg and the egress CDR contains the information of the BC call leg.

1) ingressAni DN of A (DN of gateway appliance) 2) ingressSubscriberIDExtension of A 3) egress Ani DN of B 4) egressSubscriberID Extension ofB 5) ingressOriginaiDestinationID: Extension of B 6)ingressDestinationID C (offnet number) 7) egressOriginalDestinationIDExtension of B 8) egressDestinationID C (offnet number) 9)ingressFeature: E 10) egressFeature: L (since call cannot be forwardedto another extension this value will be always L) 11) ingressSignal typeLAN 12) egressSignal type WAN 13) supplementary service call forwarding

It is desirable to provide systems and methods that enable enhancedmanaged services while supporting and managing the emerging digitalhome. It is a feature of the present invention to include a system, suchas the gateway appliance thoroughly described herein, that can offerenhanced managed services to its users via incorporation of causationand correlation engine abilities. A causation and correlation engine canbe personalized and enable broader services for system/gateway users.The enhanced features can be referred to as being provided by a PersonalCausation and Correlation Engine (or “PCCE”). Areas where a PCCE can beused include establishing objectives, tracking performance, andinfluencing behavior and conformance in the areas of financial, healthmedical objectives, exercise, nutrition, advertising, home security,purchasing, and energy conservation, etc.

The PCCE enables users and others to establish objectives andpreferences in regards to various aspects of a users' condition andbehavior and the PCCE correlates events and data and determinesmessaging, communication, special offers, rewards, and other incentivesto cause the user to comply with certain behavior or actions. Users,coaches, recognized authorities or others may establish objectives.Based upon a vast array of real-time or near real-time events, storeddynamic data, profile information, and records of the previouseffectiveness of prior causation actions, the PCCE identifiesappropriate opportunities and methods of personalized communication toinfluence causation actions. This communication can be tailored for eachuser based upon user preferences and what can be known about the userand their environment. The PCCE may also leverage information regardingthe user's social media contacts to establish influence and can alsoenlist the support of social media contacts to influence the user. Theuser's social media contacts may be incented to provide influence bysending messages and other communication to the user; these incentivesfor contacts and friends are personalized and tailored based upon whatcan be known about each specific social media contact. Informationreflecting the correlated data and instigating event(s) are submitted toexpert rules-driven applications and personalized messaging and eventsare created which cause the user to make decisions and perform actions,which are complementary to the user's personalized objectives. Somerules driven applications (such as home automation) can be controlledpartially or exclusively by the user, while others, such as e-health,can be controlled by experts or other 3^(rd) parties. The PCCE caninteract with both an advertising server and one or more rules-basedapplications to formulate causation actions and messaging.

High Level Processing with PCCE

When the PCCE determines there is an opportunity or need forcommunication based upon real-time and near-real time instigatingevents, the PCCE will determine, based upon prioritization andobjectives, the attributes of the desired communication, the method ofcommunication and the type of communication as expressed by the userand/or determined by the PCCE, and can formulate or update an encodedtoken, which represents the opportunity, the type and method of desiredcommunication. These token segments can be stored and maintained (thatis updated based upon events) for each individual in the home and thehome in general. The encoded token can be passed to the appropriaterules-based application component. The messaging component can be anapplication specific messaging component with rules that are controlledby medical professionals and behavioral scientists such as seen in ane-health app or the intelligent ads server, which can interoperate withanother 3^(rd) party component such as a rules-based advertisingplatform.

Based upon the attributes expressed in the PCCE token, the messagingcomponent can return data indicating the messaging identifiers, content,and other messaging attributes. The PCCE agent will process thisinformation and invoke the communication and direct the communication tothe “best” user interface(s) using the “best” (best-rated as mosteffective) method for that interface and based upon what is known aboutthe user (and an attribute indicating if the message should be displayedin public (TV, etc.) or private interface). The PCCE can also determinethat a social media contact may be enlisted in the causation (thesecontacts may be selected and prioritized by the user or other coaches),and the PCCE may express this in the token that can be sent to themessaging components. The messaging component can respond back with datathat enables the PCCE agent to invoke communication to the social mediacontact to cause and incent the social media contact to communicate withthe user to influence their behavior. The PCCE can also dynamicallystore and correlate the metadata of responsiveness of the user to priormessaging; these metrics and rankings can be used for subsequentcausation decision-making and can be submitted to the rules basedapplications.

The PCCE can also integrate messaging and advertising and incentivemessaging to provide enhanced encouragements for users and providingcompelling incentives for positive actions. The PCCE can also supporttwo or more users as groups with common objectives and enable sharing ofevents and actions among the groups. The real-time events, dynamic data,profile information, and other user data from each domain is stored andindexed as domain-specific metadata. This metadata is processed by thecorrelation component to create token segments, which are then passed tothe causation component. The correlation component may interact withservice applications to establish thresholds for specific metrics (e.g.weight, energy usage, spending levels/month) and request to be informedof when these thresholds are met or exceeded. The PCCE may also detectand incorporate information about the location and presence of otherfamily member users or their location when formulating a causationevent.

The PCCE can enable users and others to establish preferences regardingapplication/domain specific items (e.g., preferred food types, types ofexercise, timing of exercise, sedentary durations, shopping preferences,etc.). Attributes, meta-data, and token information may be kept privateusing a data encryption unit 162 and/or other application-levelencryption. The user's identity may or may not be exposed to themessaging and advertising components. Messaging and interaction can bedirected towards one or more endpoints and may also invoke actionswithin other applications such as the home and energy managementapplications.

In some cases, the PCCE may enable messaging and interaction on oneendpoint, such as a TV or mobile device (smart phone, tablet, etc.), andthe user may be prompted to enable supplemental interaction on anotherendpoint such as a mobile device or TV. The PCCE stores records/logs ofthe initial interaction and correlates the subsequent interaction eventson the second screen with the initial interaction and user. Records ofscreen specific interaction can be stored for a configurable period oftime, or for a configurable number of interaction events. Uponinitialization, initial token in the form as metadata “documents”instances are formulated by the correlation component. The correlationcomponent stores a copy of current token instances and retrieves thesedocuments upon subsequent restart.

The configuration of metadata indexes, which form the token documents tobe stored, can be under control of the service management center andbased upon the service applications 130 provisioned via the servicemanagement and support center 50. After the tracking indexes areestablished, the PCCE requests data from each service application and/orAPI, and also registers to be informed of events and data changes withineach service and platform application. Depending upon configurationoptions controlled by the service management center 50, the user may beable to delete the personal data and metadata and “opt” out of thecausation processing. The user may also be able to export the data to apersonal device or storage area.

PCCE Component Descriptions:

Real-time and near real-time events—These events are generated byvarious components and applications such as calendar, weather &forecast, home automation, energy management, e-health, location andproximity, social media, music/media services, and other applications.Dynamic Data and Trends—These data types can access and acquire datarelated to home, health, and financial, etc., conditions. The value of a(meta) data element may trigger an event, also complex datasets andcontent may be processed down to metadata and stored as key value pairsof meta-data. This metadata is stored, prioritized, and indexed (by theapp or the PCCE) and subsequently processed by the correlationcomponent, which will formulate personalized token segments.

Profile—These data types are generally more static and less dynamic thanthe real time events or dynamic data. The profile information includesdata that is stored on the gateway or can be acquired via web servicecalls (and cached) or other types of remote access. As the profile datais processed, meta-data is generated and stored and this meta-data isused by the correlation component, which will formulate personalizedtoken segments. User/Expert Objectives—These data types are meta-datawhich represent the domain-specific objectives, which could beestablished by the user or domain specific objectives. The correlationengine accesses this data and personalized token segments.

Historical Responsiveness—metadata that the PCCE uses to expressprevious effectiveness at causation can be used by the PCCE in tokenformulation and also accessed by 3^(rd) parties (analytics, etc.) totrack and measure effectiveness. Correlations Component—formulates (andcan maintain) token segments based upon access to all metadata (events,dynamic data, profile, objectives, etc.). CorrelationsComponent—formulates and maintains token segments based upon access toall metadata, receives triggering events, updates the metadata tokensegments, and passes triggering event and token segments to causation(events, dynamic data, profile, objectives, etc.).

Causation Component—receives triggering event and metadata token,determines which rules/apps platforms to submit to, constructs andencodes token based upon target rules/apps platforms, and passes tocausation agent. Causation Agent—receives encoded token, encrypts androutes to rules/apps platforms, receives response from rules/apps, andformulates API service calls to application interfaces based upon theresponse from the rules platforms.

Referring to FIG. 8, the drawing depicts a high-level view of PCCEmodule 2201, which is associated with the services layer 130 within theapplication gateway. Application services interfaces 140 operating aspart of the PCCE interacts with internal components such as theIntelligent Ad Server 130 l. Other layers associated with the PCCE arethe Platform management layer 110, service Framework layer 120 and theservices layer 130. Applicant Service interfaces 140 can include: SIPinterface 141, Web interface 142, IM interface 144, XMPP Interface 145,UPnP Interface 147 and Web Services 149. The services layer 130 caninclude the following modules: File Share manager 130 a, Backup Server130 b, Home Storage 130 c, Network Device Manager 130 d, Basic PhotoEditor 130 e, Home energy & Automation Controller 130 f, Media ServiceModule 130 g, E-health Manager 130 n, Intelligent Ads Manager 1301,Parental Control 130 k, Presence & Networking 130 j, Voice Mail/IVRServer 130 i, Call Processing Module 130 h, Personalized Correlation &Causation 130 m. Services Framework 120 can include the followingmodules: Billing manager 120 a, Fault manager 120 b, Database Management120 c, configuration Management 120 d, User Management 120 e, Statisticsmanager 1120 f, Device Authentication Manger 120 g, Control ChannelInterface 120 h, Service Manager 120 i, REST Client 120 j. PlatformManagement 110 can include the following management modules: PlatformManager 110A, Scheduler Manager 110B, Diagnostic Manager 110C, FirmwareUpgrades Manager 110D, Resources Manager 110E, Display manger 110F, andLogger manager 110G.

FIG. 9 provides an expanded view of drawing 21 depicting the PCCE 2201module within the software architecture of the application gateway 10.Utilizing the framework and interfaces previously described in FIG. 2C,the PCCE can communicate with other internal and external componentsincluding, but not limited to, application service interfaces 140,application services 130, services framework modules 120, and platformmanagement components 110.

FIG. 10 provides a detailed view of the PCCE 2201, the PCCE sub-modulecomponents, and a logical view of the exemplary sources of data andevents acquired and utilized by the PCCE 2201. The PCCE 2201 iscomprised of three sub-modules, the correlation 2201 a module, thecausation sub-module 2201 b, and the causation agent sub-module 2201 c.Together, these three sub-modules access data, receive events, andinteract with internal and external application services andexpert-driven rules platforms to deliver user messaging and coaching,invoke application actions, present incentives, and influence userbehavior. The logical view of the data and events depicted in FIG. 10can include real-time events 2401, dynamic data and trends 2402, andprofile data 2403. Real-time events 2401 are events that arecommunicated from devices and applications such as, but not limited to,the home energy and automation controller and sensor devices that can bedeployed throughout a venue or environment, automatically controlledlighting or lamp units, and laptop/mobile devices connecting as clientsto the gateway 10. Dynamic data and trend data 2402 represent changingdata such as, but not limited to, weather forecasts, stock portfolioinformation, and e-health monitoring statistics. When this type of datareaches a configurable threshold, a message indication is routed to thePCCE correlation sub module 2201 a. Profile data 2403 is data that isgenerally more static, less dynamic data such as, but not limited to,user preferences, demographic information, family medical history data,application usage statistics, and the like. Real-time events 2401 areevents communicated via internal or external messaging from otherapplications, the service management center or the application gatewayitself. The PCCE can poll the internal and external sources of data andevents at configurable interval; the PCCE can also register or subscribeto be informed of application events or data changes.

Now turning to the PCCE 2201 and sub-modules, the 2201 a correlationsub-module establishes meta-data indexes based upon application gateway10 configuration data that is provisioned by the service managementcenter and the configuration data is based upon the applicationservices, which the user subscribes to. These metadata indexes, whichcan be stored as xml, text string formats, or relational data formats,can contain a category such as “shopping”, and a primary sub-categorysuch as “women's apparel”, then a secondary sub-category such as“shoes”, then a specific value such as “running shoes”. These xml, textstring data, or relational data are stored in persistent storage andmaintained as an in-memory document and are updated as new events andevented data are received. As another example of the type of data thatis stored in the meta-data indexes, the correlation sub-module may havemeta data related to e-health such as “e-health”, “medicationtaken=cholesterol”, “brand=xyx”, “quantity=20” “unit=mg”,“frequency=once per day”. The event data can be stored with time stampsand an indicator indicating the type of event. A meta-data documentinstance may be maintained for each user registered within the premiseand another meta-data document instance may be maintained for the homeor user premise itself. The meta-data document instance may also containdata relating to a user's social media contacts and their preferences.Depending upon the type of event received, the correlation sub-module2201 a may determine that a token may need to be formulated from one ormore of the meta-data instances with an event indicator and one or moreinstances of meta-data for a user and or for the home. The correlationsub-module 2201 a will formulate the token and pass this token to thecausation sub-module 2201 b. The causation sub-module 2201 b willreceive the token and determine what screens may be available formessaging, what rules-based platforms and social networks should beengaged, and passes this information to the causation agent 2201 c alongwith information on what platforms should be engaged and what screensshould be subsequently addressed with messaging that will be receivedfrom the rules-based platforms. It should be noted that in order toincrease performance, the token may be further compressed and passed asan index with the format of the index being known by the internal orexternal rules-based platforms. With this method, the events andattributes of the user may be passed to the rules-based and/oradvertising platforms, but the actual identity of the user may not beexposed to the third party platform. This method is a significantdeparture from the well-known internet browser-based “cookie” method oftracking users and supplying advertising and other services. In the“cookie method”, a string of data is stored within the user's browser,which identifies the user. All attributes and preferences are stored onback-office systems and the user often has limited knowledge of orcontrol of the data. With the present attribute-based token method, theback-office systems are presented with attributes and the back officesystems determine responses based upon the attributes presented, notnecessarily upon the identity of the user. The causation agentsub-module 2201 c receives the token from the causation sub-module 2201b and based upon the attributes of the token and the routing meta-data,optionally encrypts the token and routes the token to the rules-basedplatforms via the application services interfaces 140 and awaits aresponse. Note that the causation agent may send and receive more thanone token to more than one rules-based platform per instigating event.Upon receiving a response(s) from the rules-based platform(s), thecausation agent 2201 c encapsulates the response and routes the responseto all applicable local or remote devices (30 a), media adapter element35 b, set top boxes 35 a, TVs and screens as shown in FIG. 1a , andapplication services 130. The PCCE may also cache messaging andadvertisements, including videos, which may be presented to the user ata later time or when the screen becomes active.

The PCCE 2201 may also subsequently receive information regarding thesubsequent user responses to the message or advertisement. This userresponse information is stored and can be used as meta-data in the indexdocument indicating the success rate of different types of messaging.With this method, the historical record of a user's compliance orresponsiveness can be subsequently presented to rules-based platformsand can be used when formulating subsequent communications. This userresponse information may also be retrieved by the service managementcenter, which can aggregate and summarize the relative success ofspecific messaging and this summary may also be distributed to otherapplication service gateways 10 and the rules-based platforms.

FIG. 11 illustrates an example of meta-data collection and eventprocessing as carried out by the PCCE 2201 appliance and system of thepresent invention in one embodiment. Step 2510 performs data collectionand the formulation and maintenance of the meta-data documentinstantiation(s), including setting the values of the meta-data indices.At step 2520, the correlation sub-module 2201 a receives a triggering orinstigating event and updates the meta-data token and determines if theevent requires the correlation sub-module 2201 a to notify the causationsub-module 2201 b. This notification criteria is configurable and underthe control of the service management center 50. The correlationsub-module 2201 a updates the meta-data token and the triggering eventsand if the triggering event is found in the event table lookup, thecorrelation sub-module 2201 a prepares this token instance to send tothe causation sub-module 2201 b. At step 2530, the causation sub-module2201 a receives the events, and based upon the triggering event ID andthe meta-data token value, the causation sub-module 2201 b determineswhat rules-based platforms the token should be directed towards. Thisdetermination of which platform(s) to engage is achieved by means of alocal table look-up as configured by the service management center.After the causation sub-module processes the token and optionallyfurther compresses the token and determines if the users identity shouldbe hidden, based upon configuration data received from the servicemanagement center, the causation sub-module 2201 b passes the token andplatform meta-data, including platform IDs, to the causation agentsub-module 2201 b. In step 2540, the causation agent receives the tokenevent and, based upon the platform ID(s) meta-data which contains one ormore internal or external rules-based platform identifiers, optionallyencrypts the token, routes the token to the application servicesinterface(s) 140, and awaits a response. In step 2550, the causationagent receives a response from the rules-based platform(s) 2204 and,based upon the response from the rules-based platforms 2204 and thecurrent local or remote devices (30 a), media adapter element 35 b, settop boxes 35 a, TVs and screens, and application services 130 that arein use and available, routes the message and/or uniform locationresource address to the appropriate devices, screens, applications, andthe like.

Note that although the steps shown in FIG. 11 all represent positiveprocessing and responses, error handling, and time-out logic issupported in all the sub-modules and interfaces.

The PCCE can provide users access to many services and informationsources including:

-   -   Ownership/purchasing (e.g., cars, real estate, music, movies,        consumer products, electronic products)    -   Loyalty Card purchase information    -   Employment, Occupation, Employment History, Salary, Benefits,        Type of Insurance    -   Location information (e.g., location now, micro-location now,        location patterns, businesses frequented, commuting methods)    -   Travel Plans, Travel History, Device presence and status    -   Hobbies & Community Activities    -   Hobbies, Interest Groups, Church Groups, Continuing Ed classes,        Volunteer Activities    -   Communications (e.g., phone calls, texts, email, web-based, IM        and IM status, twitter interests, etc.)    -   Financial (e.g., stock/bond portfolio, and stock bond        performance, checking/savings, bills and obligations, medical        bills)    -   Intents (e.g., search information, browsing history, app usage,        travel itinerary, schedule/appointments calendar, “To-Dos”)    -   Education Activities    -   History and Present    -   Home/office Status (e.g., devices offline and devices online,        heating/AC status, alarm system status, presence, lights, garage        doors, locks, motion detectors, cameras, etc.)    -   Purchase Information    -   Musical Interests    -   Social Media/Network (e.g., social network contacts, interests        and intents, social media groups, Twitter followings, focused        social media, contacts and their interest and intents)    -   Exercise & Sleep (e.g., status, history and patterns,        performance, user goals, personal coach goals exercise & sleep,        (weekly, daily activity level, etc.))    -   Medical Info Status and History (e.g., prescription info/bills,        user responsiveness history, user causation preferences, user        goals, medical coach goals, injuries, diseases, medical        conditions and ailments, medications, providers and visits,        schedule, medication status, current medical metrics (BP,        weight, glucose, etc.) and trends)    -   Commerce (e.g., advertising goals, purchase information, media,        media interest, music, video, movies, games, books, articles,        real time consumption status)

The following are exemplary usage scenarios for the PCCE:

-   -   Blood Pressure Check—Results High, alert personal coach    -   Weight Check—Results Low—Celebration action and/or alert        personal/medical coach and/or cause device or home automation        action such as flashing of lights.    -   Medication Reminder Event    -   Medication Reminder not acknowledged—Alert Professional Coach or        Personal Coach    -   Blood Pressure Check—Results good, offer reward for user and        their personal coach, or direct reward to favorite charity    -   Location alert, at restaurant, send incentive to coach or        contact to in turn send recommendation to user for “smart food”        choice, or alert user to “better” restaurant choice based upon        location, consumption objectives, profile preferences,        advertiser objectives, etc.    -   Location alert, at store, based upon previous purchase of        product such as coffee maker, provide incentive for purchasing        additional coffee, etc.    -   Travel itinerary includes air flight, notify user of low impact        exercises to try on the plane    -   Media Search Event—present recommendation based upon previous        viewing or social contacts current or previous viewing    -   Screen based Call for advertising—present ad based upon recent        intents (intents=searches, phone calls meta-data, profile data,        user exercise or medical objectives)    -   Micro Location event—user is in living room, medication not        acknowledged, send reminder to TV    -   Acceptable Sedentary Duration Exceeded, suggestions/reminder        sent to run errands, perform other tasks on “to-do” lists, etc.        (after the movie is over, of course), could also be reminders        from incented friends, contacts, etc.    -   Calendar alert, user traveling in 3 hours, send reminder to        leave for airport in 1.5 hours (based upon location) and        remind/confirm user packed medication    -   Call for advertising from screen, request ad based upon user's        travel itinerary, objectives, interests and search history    -   Reminder—Garage door open, call for ad (based upon token) and        send with notification.    -   Location—Near Home Depot and calendar open (25 mins before        picking up kids), suggest buying AC filter which needs replacing        or offer to order online and ship directly to house.    -   Unexpected Expense, offer money-specific saving suggestions and        offers to control expenses during the month.    -   Weather forecast=rain/snow/ice, adjust travel schedule to        airport and confirm flight schedules    -   Examples of identity detection: Login use ID, Voice Detection,        Face Recognition, Facial Expression Recognition, Micro presence        detection, Macro presence detection (and correlated to        schedule), Activity or Sedentary detection, Typing/tapping        pattern detection (detect based upon typing/taping habits)    -   E-commerce: track purchases, maintain profile information,        billing info, cache relevant ads, recommendation based on        profile    -   Home automation: manage mix of devices with automated control or        controlled by the user, rules-based processing to trigger action        based on sensor/event (e.g., thermostat, alarm sensor, door        bell) and communication out to user or 3^(rd) party.

The PCCE can monitor/track user responsiveness history and usercausation preferences. It can help determine what the users respond toand what types of stimuli motivate to desired results (e.g., friendprompts, authoritarian prompts, positive prompts, negative prompts,special offers, special offers and rewards to friends or causes,frequent reminders, and infrequent reminders, etc.). It can includeconfigurable notification and causation and can be based upon usergoals: financial, consumer, media, medical, physical, safety andsecurity, home maintenance, energy consumption, intents, andinformational goals. It can also be based upon other entity goals:personal coach goals, medical coach goals, advertiser goals, and serviceprovider goals.

The present invention has been described with reference to diagrams ofmethods, apparatus (systems), and computer program products according toembodiments of the invention. It will be understood that each diagramcan be implemented by computer program instructions. These computerprogram instructions may be provided to a processor of a general purposecomputer, special purpose computer, embedded processor or otherprogrammable data processing apparatus to produce a machine such thatthe instructions, which execute via the processor of the computer orother programmable data processing apparatus, create means forimplementing the functions specified herein.

These computer program instructions may also be stored in acomputer-readable memory that can direct a computer or otherprogrammable data processing apparatus to function in a particularmanner such that the instructions stored in the computer-readable memoryproduce an article of manufacture including instruction means whichimplement the function specified herein.

The computer program instructions may also be loaded onto acomputer-readable or other programmable data processing apparatus tocause a series of operational steps to be performed on the computer orother programmable apparatus to produce a computer implemented processsuch that the instructions which execute on the computer or otherprogrammable apparatus provide steps for implementing the functionsspecified herein.

While the invention has been particularly shown and described withrespect to illustrative and preformed embodiments thereof, it will beunderstood by those skilled in the art that the foregoing and otherchanges in form and details may be made therein without departing fromthe spirit and scope of the invention which should be limited only bythe scope of the appended claims.

What is claimed is:
 1. An application gateway locatable at a userpremises, comprising: at least one data communication interfaceproviding wide area network and local area network access; and anapplication services layer module including logic controllable by aservices management center, said application services layer moduleenables a first gateway user to store personal e-health information on agateway and to selectively invite a user or group of users to accesssaid personal e-health information via a remote wide area networkconnection, providing secure access and authentication credentials tothe invited user or group of users and enabling the first gateway userto control the type and amount of the personal e-health information theinvited user or group of users may access, and wherein the applicationservices layer module enables the first gateway user to revoke theauthentication credentials of the invited user or group of users anddisallow access to the personal e-health information.
 2. The applicationgateway of claim 1, wherein the application services layer moduleprovides the capability to encrypt the personal e-health information andsubsequently decrypt personal e-health information based upon thepositive authentication of the invited user or group of usersauthentication credentials.
 3. The application gateway of claim 1,wherein the application services layer module enables the first gatewayuser to subsequently modify the amount of the personal e-healthinformation the invited user or group of users can access.
 4. Theapplication gateway of claim 1, wherein the invited user or group ofusers accesses the personal e-health information via a secondapplication gateway that is located remote from the gateway.
 5. Theapplication gateway of claim 4, wherein the second application gatewayenables the invited user or group of users to view the personal e-healthinformation on a TV.
 6. The application gateway of claim 1, wherein thepersonal e-health information includes documents, charts, status, and/ormedical information derived and compiled from electronic monitoringdevices.
 7. The application gateway of claim 1, wherein the invited andauthenticated users can place tags and comments on the accessed personale-health information.
 8. The application gateway of claim 1, wherein theaccessed personal e-health information can be aggregated by the firstgateway user into a viewing page and stored on the gateway, wherein saidviewing page is viewable by the invited user or group of users.
 9. Theapplication gateway of claim 1, wherein the invited user or group ofusers is notified of personal e-health information updates automaticallyas they occur if a change in information is detected.
 10. Theapplication gateway of claim 1, wherein the invited user accesses thepersonal e-health information via a second application gateway that islocated remote from the first user's application gateway.
 11. Theapplication gateway of claim 10, wherein the second application gatewayenables the invited user or group of users to view the personal e-healthinformation on a TV.
 12. An application gateway locatable at a userpremises, comprising: at least one data communication interfaceproviding wide area network and local area network access; and anapplication services layer module including logic controllable by aservices management center, said application services layer moduleenables a first gateway user to store personal e-health information onsaid gateway and to selectively invite a user or group of users toaccess said personal e-health information via a remote wide area networkconnection, providing secure access and authentication credentials tothe invited user or group of users and enabling the first gateway userto control the type and amount of the personal e-health information theinvited user or group of users may access, wherein the applicationservices layer module provides the capability to encrypt the personale-health information and subsequently decrypt the personal e-healthinformation based upon the positive authentication credentials of theinvited user or group of users, and wherein the application serviceslayer module enables the first gateway user to revoke the authenticationcredentials of the invited user or group of users and disallow access tothe personal e-health information.
 13. The application gateway of claim12, wherein the application services layer module enables the firstgateway user to subsequently modify the amount of the personal e-healthinformation the invited user or group of users can access.
 14. Theapplication gateway of claim 12, wherein the personal e-healthinformation includes documents, charts, status, and/or medicalinformation derived and compiled from electronic monitoring devices. 15.The application gateway of claim 12, wherein the invited andauthenticated users can place tags and comments on the accessed personale-health information.
 16. The application gateway of claim 12, whereinthe accessed personal e-health information can be aggregated by thefirst gateway user into a viewing page and stored on the gateway,wherein said viewing page is viewable by the invited user or group ofusers.
 17. The application gateway of claim 12, wherein the invited useror group of users is notified of personal e-health information updatesautomatically as they occur if a change in information is detected. 18.An application gateway locatable at a user premises, comprising: atleast one data communication interface providing wide area network andlocal area network access; and an application services layer moduleincluding logic controllable by a services management center, saidapplication services layer module providing the capability for a firstgateway user to store personal information on a gateway and enable thefirst gateway user to selectively invite a user or group of users toaccess the personal information via a remote wide area networkconnection, providing secure access and authentication credentials to aninvited user or group of users and enabling the first gateway user tocontrol the type and amount of personal information the invited user orgroup of users may access, wherein the application services layer moduleenables the first gateway user to revoke the authentication credentialsof the invited user or group of users and disallow access to thepersonal information.
 19. The application gateway of claim 18, whereinthe application services layer module provides the capability to encryptthe personal information and subsequently decrypt the personalinformation based upon the positive authentication of the invited useror group of users authentication credentials.
 20. The applicationgateway of claim 18, wherein the application services layer moduleenables the first gateway user to subsequently modify the amount of thepersonal information the invited user or group of users can access. 21.The application gateway of claim 18, wherein the invited user or groupof users access the personal information via a second applicationgateway that is located remote from the gateway.
 22. The applicationgateway of claim 21, wherein the second application gateway enables theinvited user or group of users to view the personal information on a TV.23. The application gateway of claim 18, wherein the personalinformation includes documents, charts, status, and/or medicalinformation derived and compiled from electronic monitoring devices. 24.The application gateway of claim 18, wherein the invited user and theauthenticated users can place tags and comments on the personalinformation.
 25. The application gateway of claim 18, wherein thepersonal information can be aggregated and stored on the gateway. 26.The application gateway of claim 18, wherein the invited user or groupof users is notified of personal information updates automatically asthey occur if a change in information is detected.
 27. The applicationgateway of claim 18, wherein the application services layer moduleenables revocation of the authentication credentials of the invited useror group of users and disallows access to the personal information.